Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-8132

Secure S3 keys management

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None

    Description

      While attempting to get Ozone to production, we found several security flaws regarding S3 auth.

      Some of them we have already done (HDDS-7191, HDDS-7815), some of them are in progress (HDDS-8050,HDDS-7814), and some are to be implemented.

      This Jira has several purposes:

      1. To be an umbrella Jira for work regarding improving S3 security
      2. To share our vision regarding S3 security

      I attached a design document that describes all the security flaws we have found. Eliminating them will drastically increase Ozone S3 security.

      Attachments

        1. Secure S3 keys management.pdf
          89 kB
          Maksim Myskov

        Issue Links

          Activity

            People

              myskov Maksim Myskov
              myskov Maksim Myskov
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated: