[
https://issues.apache.org/jira/browse/HBASE-6222?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13395815#comment-13395815
]
Laxman commented on HBASE-6222:
-------------------------------
bq. The basic premise here is to be on-par security wise with Accumulo. That is
the use-case.
IMHO, that's one implementation but not use-case. Definitely, Accumulo would
have some straight use-case. Do we that use-case? Based on use-case, we can
brainstorm on different approaches (KV level, Views, something else may be).
bq. where do you see this could affect the performance?
I have following concern w.r.to *scalability*.
* With current implementation, ACLs are cached. With cell level, it may grow
heavily.
* Please take a look @AccessController.permissionGranted method. We need to
call this method(+some more checks for KV based) for every KV. This may become
a hotspot when we introduce KV based access control.
We are currently evaluating performance with security enabled. Soon, I will
share our report.
bq. Think of blocking access to some columns differently across many rows.
I agree. Can you please explain how do we solve this with a traditional RDBMS
like Oracle.
*Note:* I definitely don't want to bring up the well known discussion "SQL vs
NOSQL" here and I'm only trying to understand the use-case as a HBase
user/developer. Only point I want to put forward is we should have proper
understanding of use-case and user before we start on a approach/solution.
> Add per-KeyValue Security
> -------------------------
>
> Key: HBASE-6222
> URL: https://issues.apache.org/jira/browse/HBASE-6222
> Project: HBase
> Issue Type: New Feature
> Components: security
> Reporter: stack
>
> Saw an interesting article:
> http://www.fiercegovernmentit.com/story/sasc-accumulo-language-pro-open-source-say-proponents/2012-06-14
> "The Senate Armed Services Committee version of the fiscal 2013 national
> defense authorization act (S. 3254) would require DoD agencies to foreswear
> the Accumulo NoSQL database after Sept. 30, 2013, unless the DoD CIO
> certifies that there exists either no viable commercial open source database
> with security features comparable to [Accumulo] (such as the HBase or
> Cassandra databases)..."
> Not sure what a 'commercial open source database' is, and I'm not sure whats
> going on in the article, but tra-la-la'ing, if we had per-KeyValue 'security'
> like Accumulo's, we might put ourselves in the running for federal
> contributions?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
