Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-13836

Securing Hadoop RPC using SSL



    • New Feature
    • Status: Patch Available
    • Major
    • Resolution: Unresolved
    • None
    • None
    • ipc
    • None


      Today, RPC connections in Hadoop are encrypted using Simple Authentication & Security Layer (SASL), with the Kerberos ticket based authentication or Digest-md5 checksum based authentication protocols. This proposal is about enhancing this cipher suite with SSL/TLS based encryption and authentication. SSL/TLS is a proposed Internet Engineering Task Force (IETF) standard, that provides data security and integrity across two different end points in a network. This protocol has made its way to a number of applications such as web browsing, email, internet faxing, messaging, VOIP etc. And supporting this cipher suite at the core of Hadoop would give a good synergy with the applications on top and also bolster industry adoption of Hadoop.
      The Server and Client code in Hadoop IPC should support the following modes of communication
      1. Plain
      2. SASL encryption with an underlying authentication
      3. SSL based encryption and authentication (x509 certificate)


        1. HADOOP-13836.patch
          90 kB
          kartheek muthyala
        2. HADOOP-13836-v2.patch
          98 kB
          kartheek muthyala
        3. HADOOP-13836-v3.patch
          100 kB
          kartheek muthyala
        4. HADOOP-13836-v4.patch
          91 kB
          kartheek muthyala
        5. Secure IPC OSS Proposal-1.pdf
          1.05 MB
          kartheek muthyala
        6. SecureIPC Performance Analysis-OSS.pdf
          486 kB
          kartheek muthyala

        Issue Links



              kartheek kartheek muthyala
              kartheek kartheek muthyala
              3 Vote for this issue
              29 Start watching this issue