[this announcement is available online at https://s.apache.org/23CB ]
Big Data security management framework for the Apache Hadoop ecosystem in use
at ING, Protegrity, and Sprint, among other organizations.
Forest Hill, MD —8 February 2017— The Apache Software Foundation (ASF), the
all-volunteer developers, stewards, and incubators of more than 350 Open Source
projects and initiatives, announced today that Apache® Ranger™ has graduated
from the Apache Incubator to become a Top-Level Project (TLP), signifying that
the project's community and products have been well-governed under the ASF's
meritocratic process and principles.
The latest addition to the ASF’s more than three dozen projects in Big Data,
Apache Ranger is a centralized framework used to define, administer and manage
security policies consistently across Apache Hadoop components. Ranger also
offers the most comprehensive security coverage, with native support for
numerous Apache projects, including Atlas (incubating), HBase, HDFS, Hive,
Kafka, Knox, NiFi, Solr, Storm, and YARN.
"Graduating to a Top-Level Project reflects the maturity and growth of the
Ranger Community," said Selvamohan Neethiraj, Vice President of Apache Ranger.
"We are pleased to celebrate a great milestone and officially play an integral
role in the Apache Big Data ecosystem."
Apache Ranger provides a simple and effective way to set access control
policies and audit the data access across the entire Hadoop stack by following
industry best practices. One of the key benefits of Ranger is that access
control policies can be managed by security administrators from a single place
and consistently across hadoop ecosystem. Ranger also enables the community to
add new systems for authorization even outside Hadoop ecosystem, with a robust
plugin architecture, that can be extended with minimal effort. In addition,
Apache Ranger provides many advanced features, such as:
- Ranger Key Management Service (compatible with Hadoop’s native KMS API to
store and manage encryption keys for HDFS Transparent Data Encryption);
- Dynamic column masking and row filtering;
- Dynamic policy conditions (such as prohibition of toxic joins);
- User context enrichers (such as geo-location and time of day mappings); and
- Classification or tag based policies for Hadoop ecosystem components via
integration with Apache Atlas.
"As early adopters of Apache Ranger and having contributed to Apache Ranger, we
have come to rely upon Apache Ranger as a key part of our security
infrastructure for data," said Ferd Scheepers, Chief Information Architect at
ING. "We are therefore pleased to learn that the project has now graduated to a
TLP project through the efforts of the Apache community. We believe that Apache
Ranger represents the best-in-class Open Source security framework for
authorization, encryption management, and auditing across Hadoop ecosystem. We
laud the community's efforts in building an extensible and enterprise grade
architecture for Apache Ranger, and for innovative features such as tag or
classification based security (built in conjunction with Apache Atlas). We
congratulate the Apache Ranger community on achieving this significant
milestone and are confident Apache Ranger will evolve into the de-facto
standard for security stack across the Hadoop ecosystem."
"As heavy users of Apache Ranger in production, we are pleased to see the
project become a TLP through validation across community efforts," said Timothy
R. Connor, Big Data & Advanced Analytics Manager at Sprint. "Apache Ranger has
built a next generation ABAC model for authorization along with a robust
data-centric Open Source security framework supporting advanced security
capabilities such as dynamic row filtering and column masking. All of these
point to Apache Ranger maturing into a robust and comprehensive security
product for authorization, encryption management and auditing through the
Apache community."
"It's great to see Apache Ranger become a TLP," said Dominic Sartorio, Senior
Vice President of Products & Development at Protegrity. "Apache Ranger's
comprehensive auditing and broad authorization coverage across the Hadoop
ecosystem, along with its highly scalable and extensible architecture and rich
set of APIs, integrates very well with Protegrity's fine grained data
protection capabilities. Our continued collaboration with the Apache Ranger
community will help meet the data security requirements of the next generation
of enterprise-grade production Hadoop deployments."
"As organizations entrust their enterprise data to Open Source data platforms
such as Apache Hadoop, there is a critical need to use the most innovative
techniques to safeguard this data," said Alan Gates, Co-Founder of HortonWorks
and Apache Ranger incubation mentor. "Apache Ranger community has taken the
original, proprietary code base and used it to build a new and successful
Apache project th