[ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14048380#comment-14048380 ]
Tsz Wo Nicholas Sze commented on HDFS-6134:
-------------------------------------------
> ..., at rest. Someone who has root access can read decrypted plaintext out of
> memory directly, no need for steps 2 and 3 above.
There is a distinction -- Without steps 2 and 3, the malicious admin can ONLY
obtain the data being decrypted in a node. With steps 2 and 3, the admin could
read the entire file.

Ideally, the malicious admin should ONLY obtain the data being decrypted in a
node to which he/she has root access. Such a requirement is achievable -- Suppose
files are encrypted by a stream cipher. When a task needs to access a range of data
of a file, only the corresponding range of keystream is sent to the task.
> Transparent data at rest encryption
> -----------------------------------
>
> Key: HDFS-6134
> URL: https://issues.apache.org/jira/browse/HDFS-6134
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.3.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: HDFSDataatRestEncryptionProposal_obsolete.pdf,
> HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive
> data at rest must be in encrypted form. For example: the healthcare industry
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can
> be used transparently by any application accessing HDFS via Hadoop Filesystem
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with
> different regulation requirements.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
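
The range-limited keystream idea from the comment above, as an added example that is not part of the original message or of Hadoop's code. It assumes AES-CTR as the stream cipher (the comment names no cipher); `KeystreamRange`, `XOR`, the key and the IV are hypothetical names and constructed values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// KeystreamRange runs on the key holder and returns only the keystream
// bytes for file offsets [off, off+n); the key itself never leaves it.
func KeystreamRange(key, iv []byte, off, n int) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	// Advance the big-endian 128-bit counter to the block holding off.
	ctr := append([]byte(nil), iv...)
	hi, lo := binary.BigEndian.Uint64(ctr[:8]), binary.BigEndian.Uint64(ctr[8:])
	sum := lo + uint64(off/aes.BlockSize)
	if sum < lo { // carry into the high 64 bits
		hi++
	}
	binary.BigEndian.PutUint64(ctr[:8], hi)
	binary.BigEndian.PutUint64(ctr[8:], sum)
	skip := off % aes.BlockSize
	ks := make([]byte, skip+n) // XOR over zeros yields the raw keystream
	cipher.NewCTR(block, ctr).XORKeyStream(ks, ks)
	return ks[skip:]
}

// XOR combines data with a keystream of the same length. It is the only
// operation a task needs, for encryption and decryption alike.
func XOR(data, ks []byte) []byte {
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks[i]
	}
	return out
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed key
	iv := bytes.Repeat([]byte{0x07}, 16)  // constructed per-file IV
	plain := []byte("rec-0001|rec-0002|rec-0003|rec-0004|rec-0005|")
	ct := XOR(plain, KeystreamRange(key, iv, 0, len(plain))) // writer side
	ks := KeystreamRange(key, iv, 18, 9)                     // sent to the task
	fmt.Printf("%q\n", XOR(ct[18:27], ks))                   // "rec-0003|"
}
```

A node holding only `ks` can recover bytes 18 to 26 and nothing else; the rest of the file stays protected unless further keystream ranges are requested from the key holder.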