Actually, in my case, we have a fully decentralized service. Something like
where you have users in a social network. Originally, we were thinking of using
a distributed consensus algorithm (e.g., Paxos) to perform some functionalities
(e.g., leader election).
Then, I read about ZooKeeper and was thinking of using ZooKeeper for leader
election instead. However, that means that we're introducing a "central"
server/service to the architecture.
Currently, I'm just thinking of some of the original functionalities and how
much of these functionalities I can offload to ZooKeeper, without breaking the
original privacy/security motivation.
--- On Thu, 6/25/09, Gustavo Niemeyer <gust...@niemeyer.net> wrote:
> From: Gustavo Niemeyer <gust...@niemeyer.net>
> Subject: Re: General Question about Zookeeper
> To: firstname.lastname@example.org
> Date: Thursday, June 25, 2009, 1:59 PM
> Hey Harold,
> > I am interested in a security aspect of zookeeper,
> where the clients and the servers don't necessarily belong
> to the same "group". If a client creates a znode in the
> zookeeper? Can the person, who owns the zookeeper server,
> simply look at its filesystem and read the data
> (out-of-band, not using a client, simply browsing the file
> system of the machine hosting the zookeeper server)?
> Yes, absolutely. You could certainly encrypt the data
> that goes
> through the ZooKeeper server, but since ZooKeeper is
> supposed to be
> doing coordination work, I think that if you don't trust
> the server,
> the whole situation might get a bit awkward. I'm
> curious about your
> use case, since I'm pondering about doing something where
> don't necessarily trust other clients or machines in the
> same network
> (or even different users in the same machine), thus might
> additional tighting up, but if you don't trust the server
> itself, that
> may be tricky. Please note that ZooKeeper isn't meant
> to be used just
> as a distributed filesystem for storage, but that's
> probably not your
> intention anyway.
> Gustavo Niemeyer