Hi Gustavo, Actually, in my case, we have a fully decentralized service. Something like where you have users in a social network. Originally, we were thinking of using a distributed consensus algorithm (e.g., Paxos) to perform some functionalities (e.g., leader election).
Then, I read about ZooKeeper and was thinking of using ZooKeeper for leader election instead. However, that means that we're introducing a "central" server/service to the architecture. Currently, I'm just thinking of some of the original functionalities and how much of these functionalities I can offload to ZooKeeper, without breaking the original privacy/security motivation. -Harold --- On Thu, 6/25/09, Gustavo Niemeyer <gust...@niemeyer.net> wrote: > From: Gustavo Niemeyer <gust...@niemeyer.net> > Subject: Re: General Question about Zookeeper > To: zookeeper-user@hadoop.apache.org > Date: Thursday, June 25, 2009, 1:59 PM > Hey Harold, > > > I am interested in a security aspect of zookeeper, > where the clients and the servers don't necessarily belong > to the same "group". If a client creates a znode in the > zookeeper? Can the person, who owns the zookeeper server, > simply look at its filesystem and read the data > (out-of-band, not using a client, simply browsing the file > system of the machine hosting the zookeeper server)? > > Yes, absolutely. You could certainly encrypt the data > that goes > through the ZooKeeper server, but since ZooKeeper is > supposed to be > doing coordination work, I think that if you don't trust > the server, > the whole situation might get a bit awkward. I'm > curious about your > use case, since I'm pondering about doing something where > clients > don't necessarily trust other clients or machines in the > same network > (or even different users in the same machine), thus might > require > additional tighting up, but if you don't trust the server > itself, that > may be tricky. Please note that ZooKeeper isn't meant > to be used just > as a distributed filesystem for storage, but that's > probably not your > intention anyway. > > -- > Gustavo Niemeyer > http://niemeyer.net >
