Benoy Antony created MAPREDUCE-4551: ---------------------------------------
Summary: Key Protection : Add ability to read keys and protect keys in JobClient and TTS/NodeManagers Key: MAPREDUCE-4551 URL: https://issues.apache.org/jira/browse/MAPREDUCE-4551 Project: Hadoop Map/Reduce Issue Type: Sub-task Components: job submission, security Reporter: Benoy Antony Assignee: Benoy Antony The following requirements are addressed. • Plug in different key store mechanisms. • Retrieve specified keys from a configured keystore as part of job submission • Protect keys during its transport through the cluster. • Make sure that keys are handed over only to the tasks of the correct job. Based on Cluster configuration, NodeManager/TaskTrackers set up Decrypters to decrypt the job's secrets. Based on Job configuration, JobClient reads secrets from a KeyStore using a Keyprovider implementation and encrypts them using the cluster's public key. The encrypted secrets are stored in Job Credentials. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira