Category Archives: Platform Security & Cybersecurity

Cloudera Search over Apache HBase: A Story of Collaboration

Categories: HBase Platform Security & Cybersecurity

Thanks to Steven Noels, SVP of Products for NGDATA, for the guest post below.

NGDATA builds and sells Lily, the next-generation Customer Intelligence Platform that helps enterprise marketing teams collect and store customer interaction data in order to profile, segment, and present better offers. We designed Lily from the ground up to run on Apache HBase and Apache Solr. Combining these technologies with our deep marketing segmentation expertise and unique machine learning techniques we’re able to deliver interactive data management,

Read more

How-to: Set Up a Hadoop Cluster with Network Encryption

Categories: CDH Hadoop How-to Platform Security & Cybersecurity

Hadoop network encryption is a feature introduced in Apache Hadoop 2.0.2-alpha and in CDH4.1.

In this blog post, we’ll first cover Hadoop’s pre-existing security capabilities. Then, we’ll explain why network encryption may be required. We’ll also provide some details on how it has been implemented. At the end of this blog post, you’ll get step-by-step instructions to help you set up a Hadoop cluster with network encryption.

A Bit of History on Hadoop Security

Starting with Apache Hadoop 0.20.20x and available in Hadoop 1 and Hadoop 2 releases (as well as CDH3 and CDH4 releases),

Read more

How-to: Enable User Authentication and Authorization in Apache HBase

Categories: HBase How-to Platform Security & Cybersecurity

With the default Apache HBase configuration, everyone is allowed to read from and write to all tables available in the system. For many enterprise setups, this kind of policy is unacceptable. 

Administrators can set up firewalls that decide which machines are allowed to communicate with HBase. However, machines that can pass the firewall are still allowed to read from and write to all tables.  This kind of mechanism is effective but insufficient because HBase still cannot differentiate between multiple users that use the same client machines,

Read more

Authorization and Authentication In Hadoop

Categories: General Hadoop Platform Security & Cybersecurity

One of the more confusing topics in Hadoop is how authorization and authentication work in the system. The first and most important thing to recognize is the subtle, yet extremely important, differentiation between authorization and authentication, so let’s define these terms first:

Authentication is the process of determining whether someone is who they claim to be.

Authorization is the function of specifying access rights to resources.

In simpler terms,

Read more

Introducing Alfredo, Kerberos HTTP SPNEGO for Java

Categories: Community Hadoop Platform Security & Cybersecurity

What is Kerberos & SPNEGO?

Kerberos is an authentication protocol that provides mutual authentication and single sign-on capabilities.

SPNEGO is a plain text mechanism for negotiating authentication protocols between peers; one notable application of this is Kerberos authentication over HTTP.

What is Alfredo?

Alfredo is an Open Source Java library providing support for Kerberos HTTP SPNEGO authentication.

Read more