[jira] [Updated] (MAPREDUCE-4551) Key Protection : Add ability to read keys and protect keys in JobClient and TTS/NodeManagers

[Benoy Antony (JIRA)]

     [ 
https://issues.apache.org/jira/browse/MAPREDUCE-4551?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benoy Antony updated MAPREDUCE-4551:
------------------------------------

    Description: 
Based on Cluster configuration, NodeManager/TaskTrackers set up Decrypters  to 
decrypt the job's secrets.
Based on Job configuration, JobClient reads secrets from a KeyStore using a 
Keyprovider implementation and encrypts them using the cluster's public key.

The encrypted secrets are stored in Job Credentials.

The task addresses the following requirements:


•       Plug in different key store mechanisms.
•       Retrieve specified keys from a configured keystore as part of job 
submission
•       Protect keys during its transport through the cluster.
•       Make sure that keys are handed over only to the tasks of the correct 
job.


  was:
The following requirements are addressed.

•       Plug in different key store mechanisms.
•       Retrieve specified keys from a configured keystore as part of job 
submission
•       Protect keys during its transport through the cluster.
•       Make sure that keys are handed over only to the tasks of the correct 
job.

Based on Cluster configuration, NodeManager/TaskTrackers set up Decrypters  to 
decrypt the job's secrets.
Based on Job configuration, JobClient reads secrets from a KeyStore using a 
Keyprovider implementation and encrypts them using the cluster's public key.

The encrypted secrets are stored in Job Credentials.

    
> Key Protection :  Add ability to read keys and protect keys  in  JobClient 
> and TTS/NodeManagers
> -----------------------------------------------------------------------------------------------
>
>                 Key: MAPREDUCE-4551
>                 URL: https://issues.apache.org/jira/browse/MAPREDUCE-4551
>             Project: Hadoop Map/Reduce
>          Issue Type: Sub-task
>          Components: job submission, security
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>         Attachments: MR_4551_1_1.patch, MR_4551_trunk.patch
>
>
> Based on Cluster configuration, NodeManager/TaskTrackers set up Decrypters  
> to decrypt the job's secrets.
> Based on Job configuration, JobClient reads secrets from a KeyStore using a 
> Keyprovider implementation and encrypts them using the cluster's public key.
> The encrypted secrets are stored in Job Credentials.
> The task addresses the following requirements:
> •     Plug in different key store mechanisms.
> •     Retrieve specified keys from a configured keystore as part of job 
> submission
> •     Protect keys during its transport through the cluster.
> •     Make sure that keys are handed over only to the tasks of the correct 
> job.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira