This document discusses fine-grained security options for Spark and Hive. It provides an overview of Apache Ranger, which enables centralized security policies for Hadoop components. Ranger supports authorization, auditing, and encryption. The document also covers Hive LLAP, which provides low-latency query processing. With Ranger and LLAP, column-level security policies can be dynamically applied for SparkSQL and Hive queries. Several use cases are demonstrated, including restricting column access, column masking, and row filtering. The integration of Ranger and Apache Atlas for tag-based security policies is also discussed.