Xianqing Yu created HADOOP-8803: ----------------------------------- Summary: Make Hadoop running more secure public cloud envrionment Key: HADOOP-8803 URL: https://issues.apache.org/jira/browse/HADOOP-8803 Project: Hadoop Common Issue Type: New Feature Components: fs, ipc, security Affects Versions: 0.20.204.0 Reporter: Xianqing Yu
I have two major goals in the project. One is bring fine-grain access control to Hadoop. Based on 0.20.204, Hadoop access control is based on user or block granularity, e.g. HDFS Delegation Token only check if the file can be accessed by certain user or not, Block Token only proof which block or blocks can be accessed. I would like to make Hadoop can do byte-granularity access control, each access party, user or task process can only access the bytes she or he least needed. Second one is that make Hadoop work more secure in Cloud environment, especially in public Cloud environment. So the communication between hadoop's node should be protected. And if some nodes of hadoop is compromised, the damage should be minimized (e.g. known wildly shared-key problem of Block Access Token problem). -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira