Protecting Enterprise Data in Apache Hadoop

•

2 likes•816 views

DataWorks Summit

Protecting Enterprise Data in Apache Hadoop Owen O'Malley Co-Founder Hortonworks

© Hortonworks Inc. 2015
Protecting Enterprise Data
in Apache Hadoop
April 2015
Page 1
Owen O’Malley
owen@hortonworks.com
@owen_omalley

© Hortonworks Inc. 2015
Security Architecture
Page 3

© Hortonworks Inc. 2015
Attack Vectors
Page 4

© Hortonworks Inc. 2015
Attack Vectors
Page 5

© Hortonworks Inc. 2015
Threat: Accidental Damage
Page 6

© Hortonworks Inc. 2015
Threat: Remote Access
Page 7

© Hortonworks Inc. 2015
Threat: Eavesdropping
Page 8

© Hortonworks Inc. 2015
Threat: User accesses private data
Page 9

© Hortonworks Inc. 2015
Threat: Physical access
Page 10

© Hortonworks Inc. 2015
Threat: Hadoop Admin in Cluster
Page 11

© Hortonworks Inc. 2015
HDFS Encryption
Page 12

© Hortonworks Inc. 2015
KeyProvider API
Page 13

© Hortonworks Inc. 2015
Encryption Scheme
Page 14

© Hortonworks Inc. 2015
Threat: User reads private columns
Page 15

© Hortonworks Inc. 2015
ORC File Layout
Page 16
File Footer
Postscript
Index Data
Row Data
Stripe Footer
256MBStripe
Index Data
Row Data
Stripe Footer
256MBStripe
Index Data
Row Data
Stripe Footer
256MBStripe
Column 1
Column 2
Column 7
Column 8
Column 3
Column 6
Column 4
Column 5
Column 1
Column 2
Column 7
Column 8
Column 3
Column 6
Column 4
Column 5
Stream 2.1
Stream 2.2
Stream 2.3
Stream 2.4

© Hortonworks Inc. 2015
Threat: User reads hidden values
Page 17

© Hortonworks Inc. 2015
Threat: Shadow Security
Page 18

© Hortonworks Inc. 2015
Resources
Page 19

© Hortonworks Inc. 2015
Thank You!
Page 20

Viewers also liked

Taller de educacion financieraRubén Omar Vega Alcantar

Netflix caseRomain Roussieau

追試H28.3.1 創世記reigan_s

Psychology of TransmediaPamela Rutledge

Pollos de engorde usbManuel Gomez

2 - Oportunidades de Creación de Nuevos NegociosJontxu Pardo

10 Valuable LIFE LESSONSOH TEIK BIN

Harold J resume+041216Harold Berg

יחסי פחמימות וחלבון מומלצים לאחר אימוןYael Rotem Nisimov

HBase Read High Availabilty using Timeline Consistent Region ReplicasDataWorks Summit

Plan estudios prof._y_lic._ce_20032.doc-c-agregado-mopefabioapolomithos

Viewers also liked (11)

Taller de educacion financiera

Netflix case

追試H28.3.1 創世記

Psychology of Transmedia

Pollos de engorde usb

2 - Oportunidades de Creación de Nuevos Negocios

10 Valuable LIFE LESSONS

Harold J resume+041216

יחסי פחמימות וחלבון מומלצים לאחר אימון

HBase Read High Availabilty using Timeline Consistent Region Replicas

Plan estudios prof._y_lic._ce_20032.doc-c-agregado-mope

Similar to Protecting Enterprise Data in Apache Hadoop

Protecting enterprise Data in HadoopDataWorks Summit

Protecting Enterprise Data in Apache HadoopDataWorks Summit/Hadoop Summit

Protecting Enterprise Data In Apache HadoopDataWorks Summit/Hadoop Summit

Protecting Enterprise Data in Apache HadoopHortonworks

Real-Time Processing in Hadoop for IoT Use Cases - Phoenix HUGskumpf

ORC Column EncryptionOwen O'Malley

Bring your Service to YARNDataWorks Summit

Storm Demo Talk - Colorado Springs May 2015Mac Moore

Hortonworks sqrrl webinar v5.pptxHortonworks

Can Containers be Secured in a PaaS?Tom Kranz

Can Containers be secured in a PaaS?Tom Kranz

Storm Demo Talk - Denver Apr 2015Mac Moore

Authoring and Hosting Applications on YARN using SliderDataWorks Summit

Internet of things Crash Course WorkshopDataWorks Summit

Internet of Things Crash Course Workshop at Hadoop SummitDataWorks Summit

Hortonworks Data In Motion Webinar Series Pt. 2Hortonworks

Introduction to Apache NiFi - Seattle Scalability MeetupSaptak Sen

Hortonworks - What's Possible with a Modern Data Architecture?Hortonworks

Introduction to the Hortonworks YARN Ready ProgramHortonworks

Hadoop in adtechYuta Imai

Similar to Protecting Enterprise Data in Apache Hadoop (20)

Protecting enterprise Data in Hadoop

Protecting Enterprise Data in Apache Hadoop

Protecting Enterprise Data In Apache Hadoop

Protecting Enterprise Data in Apache Hadoop

Real-Time Processing in Hadoop for IoT Use Cases - Phoenix HUG

ORC Column Encryption

Bring your Service to YARN

Storm Demo Talk - Colorado Springs May 2015

Hortonworks sqrrl webinar v5.pptx

Can Containers be Secured in a PaaS?

Can Containers be secured in a PaaS?

Storm Demo Talk - Denver Apr 2015

Authoring and Hosting Applications on YARN using Slider

Internet of things Crash Course Workshop

Internet of Things Crash Course Workshop at Hadoop Summit

Hortonworks Data In Motion Webinar Series Pt. 2

Introduction to Apache NiFi - Seattle Scalability Meetup

Hortonworks - What's Possible with a Modern Data Architecture?

Introduction to the Hortonworks YARN Ready Program

Hadoop in adtech

More from DataWorks Summit

Data Science Crash CourseDataWorks Summit

Floating on a RAFT: HBase Durability with Apache RatisDataWorks Summit

Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFiDataWorks Summit

HBase Tales From the Trenches - Short stories about most common HBase operati...DataWorks Summit

Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...DataWorks Summit

Managing the Dewey Decimal SystemDataWorks Summit

Practical NoSQL: Accumulo's dirlist ExampleDataWorks Summit

HBase Global Indexing to support large-scale data ingestion at UberDataWorks Summit

Scaling Cloud-Scale Translytics Workloads with Omid and PhoenixDataWorks Summit

Building the High Speed Cybersecurity Data Pipeline Using Apache NiFiDataWorks Summit

Supporting Apache HBase : Troubleshooting and Supportability ImprovementsDataWorks Summit

Security Framework for Multitenant ArchitectureDataWorks Summit

Presto: Optimizing Performance of SQL-on-Anything EngineDataWorks Summit

Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...DataWorks Summit

Extending Twitter's Data Platform to Google CloudDataWorks Summit

Event-Driven Messaging and Actions using Apache Flink and Apache NiFiDataWorks Summit

Securing Data in Hybrid on-premise and Cloud Environments using Apache RangerDataWorks Summit

Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...DataWorks Summit

Computer Vision: Coming to a Store Near YouDataWorks Summit

Big Data Genomics: Clustering Billions of DNA Sequences with Apache SparkDataWorks Summit

More from DataWorks Summit (20)

Data Science Crash Course

Floating on a RAFT: HBase Durability with Apache Ratis

Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi

HBase Tales From the Trenches - Short stories about most common HBase operati...

Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...

Managing the Dewey Decimal System

Practical NoSQL: Accumulo's dirlist Example

HBase Global Indexing to support large-scale data ingestion at Uber

Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix

Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi

Supporting Apache HBase : Troubleshooting and Supportability Improvements

Security Framework for Multitenant Architecture

Presto: Optimizing Performance of SQL-on-Anything Engine

Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...

Extending Twitter's Data Platform to Google Cloud

Event-Driven Messaging and Actions using Apache Flink and Apache NiFi

Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger

Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...

Computer Vision: Coming to a Store Near You

Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark