[
https://issues.apache.org/jira/browse/HIVE-6329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13898570#comment-13898570
]
Navis commented on HIVE-6329:
-----------------------------
I think any possible methodologies can be used here by implementing
FieldRewriter (I'm not the fan of this name), with proper init method (hand
over serde properties, etc.). For us, still in experimental stage, we uses same
IV for each table. And with the OTP fingerprint generated in hiveserver hook,
each tasks acquires private key for decryption via SSL. I'm not security guy so
cannot confirm that this is right direction.
> Support column level encryption/decryption
> ------------------------------------------
>
> Key: HIVE-6329
> URL: https://issues.apache.org/jira/browse/HIVE-6329
> Project: Hive
> Issue Type: New Feature
> Components: Security, Serializers/Deserializers
> Reporter: Navis
> Assignee: Navis
> Priority: Minor
> Attachments: HIVE-6329.1.patch.txt, HIVE-6329.2.patch.txt,
> HIVE-6329.3.patch.txt, HIVE-6329.4.patch.txt, HIVE-6329.5.patch.txt
>
>
> Receiving some requirements on encryption recently but hive is not supporting
> it. Before the full implementation via HIVE-5207, this might be useful for
> some cases.
> {noformat}
> hive> create table encode_test(id int, name STRING, phone STRING, address
> STRING)
> > ROW FORMAT SERDE 'org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe'
> > WITH SERDEPROPERTIES ('column.encode.indices'='2,3',
> 'column.encode.classname'='org.apache.hadoop.hive.serde2.Base64WriteOnly')
> STORED AS TEXTFILE;
> OK
> Time taken: 0.584 seconds
> hive> insert into table encode_test select
> 100,'navis','010-0000-0000','Seoul, Seocho' from src tablesample (1 rows);
> ......
> OK
> Time taken: 5.121 seconds
> hive> select * from encode_test;
> OK
> 100 navis MDEwLTAwMDAtMDAwMA== U2VvdWwsIFNlb2Nobw==
> Time taken: 0.078 seconds, Fetched: 1 row(s)
> hive>
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
