[jira] [Commented] (HBASE-6222) Add per-KeyValue Security, get federal funding for HBase?

Sat, 16 Jun 2012 09:58:44 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-6222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13296182#comment-13296182
 ] 

Jonathan Hsieh commented on HBASE-6222:
---------------------------------------

Here's a good link with high level semantics of their implementation.  

http://accumulo.apache.org/1.4/user_manual/Security.html

I've spent a few hours looking at the accumulo code.  Internally it is:
* an extra visibility/tags field in their cell Key which supports AND, OR, NOT 
boolean operators.
* an always on visibility filter on the tablet/regionserver side.
* a constraint policy option that determines behavior if a users attempts to 
write to labels they do not have read access to:
** allow
** throw security exceptions
* authentication credentials and authorization plumbing



                
> Add per-KeyValue Security, get federal funding for HBase?
> ---------------------------------------------------------
>
>                 Key: HBASE-6222
>                 URL: https://issues.apache.org/jira/browse/HBASE-6222
>             Project: HBase
>          Issue Type: New Feature
>          Components: security
>            Reporter: stack
>
> Saw an interesting article: 
> http://www.fiercegovernmentit.com/story/sasc-accumulo-language-pro-open-source-say-proponents/2012-06-14
> "The  Senate Armed Services Committee version of the fiscal 2013 national 
> defense authorization act (S. 3254) would require DoD agencies to foreswear 
> the Accumulo NoSQL database after Sept. 30, 2013, unless the DoD CIO 
> certifies that there exists either no viable commercial open source database 
> with security features comparable to [Accumulo] (such as the HBase or 
> Cassandra databases)..."
> Not sure what a 'commercial open source database' is, and I'm not sure whats 
> going on in the article, but tra-la-la'ing, if we had per-KeyValue 'security' 
> like Accumulo's, we might put ourselves in the running for federal 
> contributions?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to