[ https://issues.apache.org/jira/browse/HDFS-6134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alejandro Abdelnur resolved HDFS-6134. -------------------------------------- Resolution: Duplicate [Cross-posting with HADOOP-10150, closing this JIRA as duplicate, discussion to continue in HADOOP-10150] Larry, Steve, Nicholas, thanks for your comments. Todd Lipcon and I had an offline discussion with Andrew Purtell, Yi Liu and Avik Dey to see if we could combine what HADOOP-10150 and HDFS-6134 into one proposal while supporting both, encryption for multiple filesystems and transparent encryption for HDFS. Also, following Steve’s suggestion, I’ve put together a Attack Vectors Matrix for all approaches. I think both documents, the proposal and the attack vectors, address most if not all the questions/concerns raised in the JIRA. Please look for the documents in HADOOP-10150. > Transparent data at rest encryption > ----------------------------------- > > Key: HDFS-6134 > URL: https://issues.apache.org/jira/browse/HDFS-6134 > Project: Hadoop HDFS > Issue Type: New Feature > Components: security > Affects Versions: 2.3.0 > Reporter: Alejandro Abdelnur > Assignee: Alejandro Abdelnur > Attachments: HDFSDataAtRestEncryption.pdf > > > Because of privacy and security regulations, for many industries, sensitive > data at rest must be in encrypted form. For example: the healthcare industry > (HIPAA regulations), the card payment industry (PCI DSS regulations) or the > US government (FISMA regulations). > This JIRA aims to provide a mechanism to encrypt HDFS data at rest that can > be used transparently by any application accessing HDFS via Hadoop Filesystem > Java API, Hadoop libhdfs C library, or WebHDFS REST API. > The resulting implementation should be able to be used in compliance with > different regulation requirements. -- This message was sent by Atlassian JIRA (v6.2#6252)