[
https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14098113#comment-14098113
]
Suresh Srinivas commented on HDFS-6134:
---------------------------------------
We had a conversation about the finer details of the feature and follow-up work
items. Here are some of my comments and points we discussed from that meeting:
# Need a consolidated document on what extended attributes are introduced, how
they are used, and how they are restricted.
# Need a way to turn off the encryption feature.
# Need a description of how the KMS credential check and decryption work for
Hadoop jobs. Not sure if there is a design document that covers the delegation
token from KMS.
# All files in an encryption zone must be encrypted. We need to clarify in the
design if encrypted files can only be in an encryption zone and are not allowed
outside of an encryption zone. There are pros and cons to this decision. It would
be good to decide what to do in this regard and capture it in the design.
# The sequence related to file creation in the design document mentions the
namenode as client. It may be confused with the DFS client. Also it is a good
idea to discuss why this is chosen as opposed to all the KMS interaction in the
DFS client. Need a discussion on how the namenode handles an unresponsive KMS
and how it affects service availability.
# Is EDEK creation idempotent? How editlog operations related to this are
logged should be discussed in the design.
# KMS must be global in the current phase across all the clusters. This should
be documented in the design as an assumption. In future, we could have multiple
KMS. But that can be enabled in a backward compatible way.
> Transparent data at rest encryption
> -----------------------------------
>
> Key: HDFS-6134
> URL: https://issues.apache.org/jira/browse/HDFS-6134
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Affects Versions: 3.0.0, 2.3.0
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
> Attachments: HDFS-6134.001.patch, HDFS-6134.002.patch,
> HDFS-6134_test_plan.pdf, HDFSDataatRestEncryption.pdf,
> HDFSDataatRestEncryptionProposal_obsolete.pdf,
> HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive
> data at rest must be in encrypted form. For example: the healthcare industry
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can
> be used transparently by any application accessing HDFS via Hadoop Filesystem
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with
> different regulation requirements.