[
https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14097505#comment-14097505
]
Suresh Srinivas commented on HDFS-6134:
---------------------------------------
Finally got some time to catchup on this jira. Nice work team!
Some comments:
* Is there a document that covers aspects of how authentication and
authorization works with KMS?
* Also consolidating how the extended attributes is used by the feature into
the main design document or one design document will help.
* Now a file has ownership which decides access and keys which decide
permissions to decrypt. An admin can change file ownership. Now the new owner
may not be able to decrypt is and the original owner who can decrypt may not be
able to access the file. Since these kinds of scenarios can be a management
nightmare, we need the following (not sure they already exist):
** Ability to list a key ID information for a give file. For that given key ID
ability to get ownership information from the KMS (not sure it is part of
standard interface or we need a tool that goes to HDFS, followed by KMS).
** Ability to run some kind of audit to detect conditions where key ownership
and file permissions have discrepancies.
* Only a user with permissions to key can create a file under EZone. This could
be an issue for distcp that is run by a user. Do we need to think about this
restriction or would this be solved by /.reserved/.raw scheme?
These issues can be addressed post merge. We need to see what the pending work
is and come up with a list of what needs to be done before merge and what can
be moved to after the merge with some due date. This avoids situation where a
patch committed to trunk and then people get very busy and do not work on
follow up jiras.
> Transparent data at rest encryption
> -----------------------------------
>
> Key: HDFS-6134
> URL: https://issues.apache.org/jira/browse/HDFS-6134
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Affects Versions: 3.0.0, 2.3.0
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
> Attachments: HDFS-6134.001.patch, HDFS-6134.002.patch,
> HDFS-6134_test_plan.pdf, HDFSDataatRestEncryption.pdf,
> HDFSDataatRestEncryptionProposal_obsolete.pdf,
> HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive
> data at rest must be in encrypted form. For example: the healthÂcare industry
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can
> be used transparently by any application accessing HDFS via Hadoop Filesystem
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with
> different regulation requirements.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
