[
https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Uma Maheswara Rao G updated HDFS-6134:
--------------------------------------
Comment: was deleted
(was: {quote}
Vanilla distcp will just work with transparent encryption. Data will be
decrypted on read and encrypted on write, assuming both source and target are
in encrypted zones.
The proposal on changing distcp is to enable a second use used case, copy data
from one cluster to another without having to decrypt/encrypt the data while
doing the copy. This is useful when doing copies for disaster recovery, hdfs
admins could do the copy without having to have access to the encryption keys.
{quote}
Agree.)
> Transparent data at rest encryption
> -----------------------------------
>
> Key: HDFS-6134
> URL: https://issues.apache.org/jira/browse/HDFS-6134
> Project: Hadoop HDFS
> Issue Type: New Feature
> Components: security
> Affects Versions: 2.3.0
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Attachments: ConceptualDesignProposal_2014-06-19.pdf,
> HDFSDataAtRestEncryption.pdf
>
>
> Because of privacy and security regulations, for many industries, sensitive
> data at rest must be in encrypted form. For example: the healthÂcare industry
> (HIPAA regulations), the card payment industry (PCI DSS regulations) or the
> US government (FISMA regulations).
> This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can
> be used transparently by any application accessing HDFS via Hadoop Filesystem
> Java API, Hadoop libhdfs C library, or WebHDFS REST API.
> The resulting implementation should be able to be used in compliance with
> different regulation requirements.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
