[ https://issues.apache.org/jira/browse/HBASE-12823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14278175#comment-14278175 ]

Sean Busbey commented on HBASE-12823:
-------------------------------------

You might have cases where someone has A/C but not R on a table (like a DBA who 
can tune parameters on the table but isn't allowed to actually inspect the 
data). In practice I haven't seen this very often in key/value store 
deployments.

If we're going to allow someone with table-level A to bypass visibility 
protections in that table, then we need a way to force enforcement at the 
global level. My knee-jerk reaction is that someone with table-level alter (and 
not global) should definitely not be able to bypass visibility protection, but 
I think if end users can effectively opt out of table/cf level configuration 
then it's fine to have it as an option.

> Visibility label security at limited localized level
> ----------------------------------------------------
>
>                 Key: HBASE-12823
>                 URL: https://issues.apache.org/jira/browse/HBASE-12823
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 1.0.0, 2.0.0, 0.98.10
>            Reporter: Jerry He
>             Fix For: 2.0.0
>
>
> Currently, if visibility label security is enabled for an HBase instance, 
> after VisibilityController is configured, the cell level visibility label 
> filtering will kick in across the HBase instance.
> Cell level visibility label filtering has a non-negligible performance impact.
> On the other hand, in many use cases, only a small portion of the overall 
> data needs visibility label protection.
> If we can support visibility label security at a limited and localized 
> level, we will broaden the use cases and the adoption of this feature.
> We should be able to support visibility label security at per table or per 
> column family level. This is quite common in many other HBase features.
> Cell level visibility label filtering will only be enabled and kick in for 
> the tables or column families that the user designates.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
