[HADOOP-13836] Securing Hadoop RPC using SSL - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: ipc
Labels:
None

Description

Today, RPC connections in Hadoop are encrypted using Simple Authentication & Security Layer (SASL), with the Kerberos ticket based authentication or Digest-md5 checksum based authentication protocols. This proposal is about enhancing this cipher suite with SSL/TLS based encryption and authentication. SSL/TLS is a proposed Internet Engineering Task Force (IETF) standard, that provides data security and integrity across two different end points in a network. This protocol has made its way to a number of applications such as web browsing, email, internet faxing, messaging, VOIP etc. And supporting this cipher suite at the core of Hadoop would give a good synergy with the applications on top and also bolster industry adoption of Hadoop.
The Server and Client code in Hadoop IPC should support the following modes of communication
1. Plain
2. SASL encryption with an underlying authentication
3. SSL based encryption and authentication (x509 certificate)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-13836.patch
28/Nov/16 15:21
90 kB
kartheek muthyala
HADOOP-13836-v2.patch
22/Jan/17 17:42
98 kB
kartheek muthyala
HADOOP-13836-v3.patch
23/Jan/17 06:23
100 kB
kartheek muthyala
HADOOP-13836-v4.patch
23/Jan/17 16:52
91 kB
kartheek muthyala
Secure IPC OSS Proposal-1.pdf
12/Jan/17 07:01
1.05 MB
kartheek muthyala
SecureIPC Performance Analysis-OSS.pdf
12/Jan/17 07:22
486 kB
kartheek muthyala

Issue Links

relates to

HADOOP-15977 RPC support for TLS

Open

Activity

People

Assignee:: kartheek muthyala

Reporter:: kartheek muthyala

Votes:: 3 Vote for this issue

Watchers:: 30 Start watching this issue

Dates

Created:: 28/Nov/16 11:26

Updated:: 11/Oct/19 22:55