[ https://issues.apache.org/jira/browse/HBASE-6222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13395815#comment-13395815 ]
Laxman commented on HBASE-6222: ------------------------------- bq. The basic premise here is to be on-par security wise with Accumulo. That is the use-case. IMHO, that's one implementation but not use-case. Definitely, Accumulo would have some straight use-case. Do we that use-case? Based on use-case, we can brainstorm on different approaches (KV level, Views, something else may be). bq. where do you see this could affect the performance? I have following concern w.r.to *scalability*. * With current implementation, ACLs are cached. With cell level, it may grow heavily. * Please take a look @AccessController.permissionGranted method. We need to call this method(+some more checks for KV based) for every KV. This may become a hotspot when we introduce KV based access control. We are currently evaluating performance with security enabled. Soon, I will share our report. bq. Think of blocking access to some columns differently across many rows. I agree. Can you please explain how do we solve this with a traditional RDBMS like Oracle. *Note:* I definitely don't want to bring up the well known discussion "SQL vs NOSQL" here and I'm only trying to understand the use-case as a HBase user/developer. Only point I want to put forward is we should have proper understanding of use-case and user before we start on a approach/solution. > Add per-KeyValue Security > ------------------------- > > Key: HBASE-6222 > URL: https://issues.apache.org/jira/browse/HBASE-6222 > Project: HBase > Issue Type: New Feature > Components: security > Reporter: stack > > Saw an interesting article: > http://www.fiercegovernmentit.com/story/sasc-accumulo-language-pro-open-source-say-proponents/2012-06-14 > "The Senate Armed Services Committee version of the fiscal 2013 national > defense authorization act (S. 3254) would require DoD agencies to foreswear > the Accumulo NoSQL database after Sept. 30, 2013, unless the DoD CIO > certifies that there exists either no viable commercial open source database > with security features comparable to [Accumulo] (such as the HBase or > Cassandra databases)..." > Not sure what a 'commercial open source database' is, and I'm not sure whats > going on in the article, but tra-la-la'ing, if we had per-KeyValue 'security' > like Accumulo's, we might put ourselves in the running for federal > contributions? -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira