[jira] [Commented] (HDFS-6134) Transparent data at rest encryption

Tue, 12 Aug 2014 13:02:42 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14094587#comment-14094587
 ] 

Alejandro Abdelnur commented on HDFS-6134:
------------------------------------------

bq. Also I do not understand why httpfs works and webhdfs "breaks". Neither 
will be running as the end-user and hence neither will allow transparent 
encryption. Am I missing something?

Both httpfs and webhdfs will work just fine. when reading/writing a file, 
webhdfs (DN) and httpfs (httpfs) will need to get the file encryption key in 
decrypted form. httpfs runs as 'httpfs' user, webhdfs runs as 'hdfs' user 
(embedded in the NN/DNs). Typically KMS would be configured not to decrypt keys 
 for the 'hdfs' user (one of the goals is that the hdfs user should not have 
access to the keys so it cannot decrypt files). For webhdfs to work, the 'hdfs' 
user must not be blacklisted in the KMS, thus the 'hdfs' user has access to the 
decrypted keys for files. 

The point is, if webhdfs is enabled, then KMS has to be configured in  a way 
that the 'hdfs' user can access all files in encrytped form. And this could 
fail some security audits users may have to do in their clusters.

> Transparent data at rest encryption
> -----------------------------------
>
>                 Key: HDFS-6134
>                 URL: https://issues.apache.org/jira/browse/HDFS-6134
>             Project: Hadoop HDFS
>          Issue Type: New Feature
>          Components: security
>    Affects Versions: 3.0.0, 2.3.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Charles Lamb
>         Attachments: HDFS-6134.001.patch, HDFS-6134.002.patch, 
> HDFS-6134_test_plan.pdf, HDFSDataatRestEncryption.pdf, 
> HDFSDataatRestEncryptionProposal_obsolete.pdf, 
> HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive 
> data at rest must be in encrypted form. For example: the health­care industry 
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the 
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can 
> be used transparently by any application accessing HDFS via Hadoop Filesystem 
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with 
> different regulation requirements.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to