Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-9331 Hadoop crypto codec framework and crypto codec implementations
  3. HADOOP-10528

A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Patch Available
    • Major
    • Resolution: Unresolved
    • None
    • None
    • security

    Description

      This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a complete Hadoop crypto codec framework, but the key can only be retrieved from a local Java KeyStore file. To the convenience, we design a Centralized Key Manager Server (BEE: bee-key-manager) and user can use this TokenKeyProvider to retrieve keys from the Centralized Key Manager Server. By the way, to secure the key exchange, we leverage HTTPS + SPNego/SASL to protect the key exchange. To the detail design and usage, please refer to https://github.com/trendmicro/BEE.

      Moreover, there are still much more requests about Hadoop Data Encryption (such as provide standalone module, support KMIP...etc.), if anyone has interested in those features, pleas let us know.

      Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333, and HADOOP-9332 and before use our patch HADOOP-10528.patch.

      Attachments

        1. HADOOP-10528.patch
          83 kB
          howie yu

        Issue Links

          depends upon

          Sub-task - The sub-task of the issue HADOOP-9332 Crypto codec implementations for AES

          • Major - Major loss of function.
          • Resolved

          Sub-task - The sub-task of the issue HADOOP-9333 Hadoop crypto codec framework based on compression codec

          • Major - Major loss of function.
          • Patch Available
          duplicates

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10141 Create an API to separate encryption key storage from applications

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HADOOP-10177 Create CLI tools for managing keys via the KeyProvider API

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. HADOOP-10433 Key Management Server based on KeyProvider API

          • Major - Major loss of function.
          • Closed
          is duplicated by

          Sub-task - The sub-task of the issue HADOOP-10529 A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              howieyu howie yu
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated: