[HADOOP-9621] Document/analyze current Hadoop security model - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: security
Labels:
- documentation

Tags:
security

Description

In light of the proposed changes to Hadoop security in Hadoop-9533 and Hadoop-9392, having a common, detailed understanding (in the form of a document) of the benefits/drawbacks of the current security model and how it works would be useful. The document should address all security principals, their authentication mechanisms, and handling of shared secrets through the lens of the following principles: Minimize attack surface area, Establish secure defaults, Principle of Least privilege, Principle of Defense in depth, Fail securely, Don’t trust services, Separation of duties, Avoid security by obscurity, Keep security simple, Fix security issues correctly.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HadoopSecurityAnalysis-20130612.pdf
12/Jun/13 12:24
627 kB
Kevin Minder
HadoopSecurityAnalysis-20130614.pdf
14/Jun/13 22:02
750 kB
Kevin Minder
ThreatsforToken-basedAuthN-20130619.pdf
19/Jun/13 21:02
92 kB
Larry McCay
HadoopSecurityAnalysis-20130624.pdf
25/Jun/13 00:20
1.18 MB
Kyle Leckie

Issue Links

is related to

HADOOP-9392 Token based authentication and Single Sign On

Open

HADOOP-9533 Centralized Hadoop SSO/Token Server

Open

HADOOP-10086 User document for authentication in secure cluster

Closed

relates to

HADOOP-4487 Security features for Hadoop

Closed

YARN-4653 Document YARN security model from the perspective of Application Developers

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Brian Swan

Votes:: 1 Vote for this issue

Watchers:: 27 Start watching this issue

Dates

Created:: 05/Jun/13 20:08

Updated:: 02/Feb/16 11:56

Time Tracking

Estimated:

336h

Remaining:

336h

Logged:

Not Specified