Uploaded image for project: 'Hadoop HDFS'
  1. Hadoop HDFS
  2. HDFS-6134

Transparent data at rest encryption

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.3.0, 3.0.0-alpha1
    • 2.6.0
    • security
    • None

    Description

      Because of privacy and security regulations, for many industries, sensitive data at rest must be in encrypted form. For example: the health­care industry (HIPAA regulations), the card payment industry (PCI DSS regulations) or the US government (FISMA regulations).

      This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can be used transparently by any application accessing HDFS via Hadoop Filesystem Java API, Hadoop libhdfs C library, or WebHDFS REST API.

      The resulting implementation should be able to be used in compliance with different regulation requirements.

      Attachments

        1. HDFSEncryptionConceptualDesignProposal-2014-06-20.pdf
          86 kB
          Alejandro Abdelnur
        2. HDFSDataatRestEncryptionProposal_obsolete.pdf
          219 kB
          Alejandro Abdelnur
        3. HDFSDataatRestEncryption.pdf
          357 kB
          Charles Lamb
        4. HDFS-6134.002.patch
          562 kB
          Yi Liu
        5. HDFS-6134.001.patch
          566 kB
          Charles Lamb
        6. HDFS-6134_test_plan.pdf
          147 kB
          Stephen Chu
        7. fs-encryption.2014-08-19.patch
          653 kB
          Andrew Wang
        8. fs-encryption.2014-08-18.patch
          653 kB
          Andrew Wang

        Issue Links

          breaks

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-11286 Map/Reduce dangerously adds Guava @Beta class to CryptoUtils

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed
          is related to

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10919 Copy command should preserve raw.* namespace extended attributes

          • Major - Major loss of function.
          • Resolved

          New Feature - A new feature of the product, which has yet to be developed. MAPREDUCE-6007 Add support to distcp to preserve raw.* namespace extended attributes

          • Major - Major loss of function.
          • Closed
          relates to

          Sub-task - The sub-task of the issue HADOOP-9333 Hadoop crypto codec framework based on compression codec

          • Major - Major loss of function.
          • Patch Available

          Bug - A problem which impairs or prevents the functions of the product. HDFS-6891 Follow-on work for transparent data at rest encryption

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10141 Create an API to separate encryption key storage from applications

          • Major - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. HADOOP-10150 Hadoop cryptographic file system

          • Major - Major loss of function.
          • Closed
          requires

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10856 HarFileSystem and HarFs support for HDFS encryption

          • Major - Major loss of function.
          • Resolved
          There are no Sub-Tasks for this issue.

          Activity

            People

              clamb Charles Lamb
              tucu00 Alejandro Abdelnur
              Votes:
              2 Vote for this issue
              Watchers:
              62 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: