Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-9331 Hadoop crypto codec framework and crypto codec implementations
  3. HADOOP-10528

A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)

    XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Patch Available
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: security
    • Labels:

      Description

      This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a complete Hadoop crypto codec framework, but the key can only be retrieved from a local Java KeyStore file. To the convenience, we design a Centralized Key Manager Server (BEE: bee-key-manager) and user can use this TokenKeyProvider to retrieve keys from the Centralized Key Manager Server. By the way, to secure the key exchange, we leverage HTTPS + SPNego/SASL to protect the key exchange. To the detail design and usage, please refer to https://github.com/trendmicro/BEE.

      Moreover, there are still much more requests about Hadoop Data Encryption (such as provide standalone module, support KMIP...etc.), if anyone has interested in those features, pleas let us know.

      Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333, and HADOOP-9332 and before use our patch HADOOP-10528.patch.

        Attachments

        1. HADOOP-10528.patch
          83 kB
          howie yu

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                howieyu howie yu
              • Votes:
                0 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated: