Securing Hadoop with Knox Gateway by Kevin Minder
From the post:
Back in the day, in order to secure a Hadoop cluster all you needed was a firewall that restricted network access to only authorized users. This eventually evolved into a more robust security layer in Hadoop… a layer that could augment firewall access with strong authentication. Enter Kerberos. Around 2008, Owen O’Malley and a team of committers led this first foray into security and today, Kerberos is still the primary way to secure a Hadoop cluster.
Fast-forward to today… Widespread adoption of Hadoop is upon us. The enterprise has placed requirements on the platform to not only provide perimeter security, but to also integrate with all types of authentication mechanisms. Oh yeah, and all the while, be easy to manage and to integrate with the rest of the secured corporate infrastructure. Kerberos can still be a great provider of the core security technology but with all the touch-points that a user will have with Hadoop, something more is needed.
The time has come for Knox.
Timely news of an effort at security that doesn’t depend upon obscurity (or inner circle secrecy).
Hadoop installations, in topic map flow flow and not, need to pay attention to this project.
[…] more so coming on the heels of two other major project announcements. Securing Hadoop with Knox Gateway and The Stinger Initiative: Making Apache Hive 100 Times Faster, both from […]
Pingback by Introducing… Tez: Accelerating processing of data stored in HDFS « Another Word For It — February 20, 2013 @ 9:24 pm