[
https://issues.apache.org/jira/browse/HADOOP-9621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13677007#comment-13677007
]
Daryn Sharp commented on HADOOP-9621:
-------------------------------------
I'm glad someone else is interested in this level of detail. I've been meaning
to document the security machinery for a long time, and even submitted an
abstract to the summit for this topic but it wasn't accepted. I'm willing to
contribute to the effort, but I'm not sure how soon I'll have time to devote.
> Document/analyze current Hadoop security model
> ----------------------------------------------
>
> Key: HADOOP-9621
> URL: https://issues.apache.org/jira/browse/HADOOP-9621
> Project: Hadoop Common
> Issue Type: Task
> Components: security
> Reporter: Brian Swan
> Priority: Minor
> Labels: documentation
> Original Estimate: 336h
> Remaining Estimate: 336h
>
> In light of the proposed changes to Hadoop security in Hadoop-9533 and
> Hadoop-9392, having a common, detailed understanding (in the form of a
> document) of the benefits/drawbacks of the current security model and how it
> works would be useful. The document should address all security principals,
> their authentication mechanisms, and handling of shared secrets through the
> lens of the following principles: Minimize attack surface area, Establish
> secure defaults, Principle of Least privilege, Principle of Defense in depth,
> Fail securely, Don’t trust services, Separation of duties, Avoid security by
> obscurity, Keep security simple, Fix security issues correctly.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
