[SENTRY-2140] Metadata Driven Column Masking - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Core
Labels:
- ABAC

Description

As a user, I want to have finer grain control over which users/roles can view data in Hive. Some information such as Social Security Number is considered very confidential information. I want to be able to tag columns in Hive with "attributes" or other metadata that prevent users/roles from not accessing or seeing the data. For users/roles that have that attribute, they should be able to see that information.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Sentry ABAC Proposal.pdf
23/Feb/18 21:33
81 kB
Steve Moist
Sentry ABAC Proposal v1.1.pdf
02/Apr/18 21:46
82 kB
Steve Moist

Issue Links

duplicates

SENTRY-1140 Enable Attribute based Access Control

Resolved

links to

Google Design Doc

Sub-Tasks

1.	Static Attribute Ingestion	Patch Available	Anthony Young-Garner
2.	Initial Attribute based access control	Patch Available	Steve Moist
3.	Expand Sentry data model to store attributes for use in ABAC	Open	Unassigned
4.	CLI: Refactor existing Sentry CLIs to use jcommander instead of commons-cli	Patch Available	Anthony Young-Garner
5.	CLI: Implement ABCM CLI commands	Open	Anthony Young-Garner
6.	CLI: Implement ABCM CLI data model	Open	Anthony Young-Garner
7.	Expand Sentry data model to store attribute policies for use in ABAC	Open	Unassigned
8.	Generic Attribute Ingestion and Default Implementation	Open	Unassigned

Activity

People

Assignee:: Unassigned

Reporter:: Steve Moist

Votes:: 3 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 02/Feb/18 19:31

Updated:: 31/Aug/18 15:15