[
https://issues.apache.org/jira/browse/HADOOP-10528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
howie yu updated HADOOP-10528:
------------------------------
Description:
This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a
complete Hadoop crypto codec framework, but the key can only be retrieved from
a local Java KeyStore file. To the convenience, we design a Centralized Key
Manager Server (BEE: bee-key-manager) and user can use this TokenKeyProvider to
retrieve keys from the Centralized Key Manager Server. By the way, to secure
the key exchange, we leverage HTTPS + SPNego/SASL to protect the key exchange.
To the detail design and usage, please refer to
https://github.com/trendmicro/BEE.
Moreover, there are still much more requests about Hadoop Data Encryption (such
as provide standalone module, support KMIP...etc.), if anyone has interested in
those features, pleas let us know.
Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333, and
HADOOP-9332 and before use our patch HADOOP-10528.patch.
was:
This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a
complete Hadoop crypto codec framework, but the key can only be retrieved from
a local Java KeyStore file. To the convenience, we design a Centralized Key
Manager Server (BEE: bee-key-manager) and user can use this TokenKeyProvider to
retrieve keys from the Centralized Key Manager Server. By the way, to secure
the key exchange, we leverage HTTPS + SPNego/SASL to protect the key exchange.
To the detail design and usage, please refer to
https://github.com/trendmicro/BEE.
Moreover, there are still much more requests about Hadoop Data Encryption (such
as provide standalone module, support KMIP...etc.), if anyone has interested in
those features, pleas let us know.
Ps. Because this patch baesd on HADOOP-9331 and , before use
> A TokenKeyProvider for a Centralized Key Manager Server (BEE: bee-key-manager)
> ------------------------------------------------------------------------------
>
> Key: HADOOP-10528
> URL: https://issues.apache.org/jira/browse/HADOOP-10528
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: security
> Reporter: howie yu
> Attachments: HADOOP-10528.patch
>
>
> This is a key provider based on HADOOP-9331. HADOOP-9331 has designed a
> complete Hadoop crypto codec framework, but the key can only be retrieved
> from a local Java KeyStore file. To the convenience, we design a Centralized
> Key Manager Server (BEE: bee-key-manager) and user can use this
> TokenKeyProvider to retrieve keys from the Centralized Key Manager Server. By
> the way, to secure the key exchange, we leverage HTTPS + SPNego/SASL to
> protect the key exchange. To the detail design and usage, please refer to
> https://github.com/trendmicro/BEE.
> Moreover, there are still much more requests about Hadoop Data Encryption
> (such as provide standalone module, support KMIP...etc.), if anyone has
> interested in those features, pleas let us know.
>
> Ps. Because this patch based on HADOOP-9331, please use patch HADOOP-9333,
> and HADOOP-9332 and before use our patch HADOOP-10528.patch.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
