[jira] [Updated] (HADOOP-9621) Document/analyze current Hadoop security model
[ https://issues.apache.org/jira/browse/HADOOP-9621?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kyle Leckie updated HADOOP-9621:

Attachment: HadoopSecurityAnalysis-20130624.pdf

Document/analyze current Hadoop security model

Key: HADOOP-9621
URL: https://issues.apache.org/jira/browse/HADOOP-9621
Project: Hadoop Common
Issue Type: Task
Components: security
Reporter: Brian Swan
Priority: Minor
Labels: documentation
Attachments: HadoopSecurityAnalysis-20130612.pdf, HadoopSecurityAnalysis-20130614.pdf, HadoopSecurityAnalysis-20130624.pdf, ThreatsforToken-basedAuthN-20130619.pdf
Original Estimate: 336h
Remaining Estimate: 336h

In light of the proposed changes to Hadoop security in Hadoop-9533 and Hadoop-9392, having a common, detailed understanding (in the form of a document) of the benefits/drawbacks of the current security model and how it works would be useful. The document should address all security principals, their authentication mechanisms, and handling of shared secrets through the lens of the following principles: Minimize attack surface area, Establish secure defaults, Principle of Least privilege, Principle of Defense in depth, Fail securely, Don’t trust services, Separation of duties, Avoid security by obscurity, Keep security simple, Fix security issues correctly.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HADOOP-9621) Document/analyze current Hadoop security model
Larry McCay updated HADOOP-9621:

Attachment: ThreatsforToken-basedAuthN-20130619.pdf

Start of a threat model introduced by a token-based approach to authentication instead of Kerberos. This should be discussed in terms of document format and collaborated on in order to tease out as many threats as possible - so that we have them in mind for design decisions.

Attachments: HadoopSecurityAnalysis-20130612.pdf, HadoopSecurityAnalysis-20130614.pdf, ThreatsforToken-basedAuthN-20130619.pdf
[jira] [Updated] (HADOOP-9621) Document/analyze current Hadoop security model
Kevin Minder updated HADOOP-9621:

Attachment: HadoopSecurityAnalysis-20130614.pdf

Attachments: HadoopSecurityAnalysis-20130612.pdf, HadoopSecurityAnalysis-20130614.pdf
[jira] [Updated] (HADOOP-9621) Document/analyze current Hadoop security model
Kevin Minder updated HADOOP-9621:

Attachment: HadoopSecurityAnalysis-20130612.pdf

Attachments: HadoopSecurityAnalysis-20130612.pdf