Category Archives: Platform Security & Cybersecurity

How-to: Enable User Authentication and Authorization in Apache HBase

Categories: HBase How-to Platform Security & Cybersecurity

With the default Apache HBase configuration, everyone is allowed to read from and write to all tables available in the system. For many enterprise setups, this kind of policy is unacceptable. 

Administrators can set up firewalls that decide which machines are allowed to communicate with HBase. However, machines that can pass the firewall are still allowed to read from and write to all tables.  This kind of mechanism is effective but insufficient because HBase still cannot differentiate between multiple users that use the same client machines,

Read more

Authorization and Authentication In Hadoop

Categories: General Hadoop Platform Security & Cybersecurity

One of the more confusing topics in Hadoop is how authorization and authentication work in the system. The first and most important thing to recognize is the subtle, yet extremely important, differentiation between authorization and authentication, so let’s define these terms first:

Authentication is the process of determining whether someone is who they claim to be.

Authorization is the function of specifying access rights to resources.

In simpler terms,

Read more

Introducing Alfredo, Kerberos HTTP SPNEGO for Java

Categories: Community Hadoop Platform Security & Cybersecurity

What is Kerberos & SPNEGO?

Kerberos is an authentication protocol that provides mutual authentication and single sign-on capabilities.

SPNEGO is a plain text mechanism for negotiating authentication protocols between peers; one notable application of this is Kerberos authentication over HTTP.

What is Alfredo?

Alfredo is an Open Source Java library providing support for Kerberos HTTP SPNEGO authentication.

Read more