Securing Hadoop

Securing Hadoop

Implement robust end-to-end security for your Hadoop ecosystem Master the key concepts behind Hadoop security as well as how to secure a Hadoop-based Big Data ecosystem Understand and deploy authentication, authorization, and data encryption in a Hadoop-based Big Data platform Administer the auditin...

Descripción completa

Detalles Bibliográficos
Autor principal: Narayanan, Sudheesh (-)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Birmingham : Packt Publishing 2013.
Edición:1st edition
Colección:Community experience distilled
Materias:
Apache Hadoop.
Electronic data processing > Distributed processing.
File organization (Computer science)
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627959506719
Tabla de Contenidos:
  • Cover
  • Copyright
  • Credits
  • About the Author
  • About the Reviewers
  • www.PacktPub.com
  • Table of Contents
  • Preface
  • Chapter 1: Hadoop Security Overview
  • Why do we need to secure Hadoop?
  • Challenges for securing the Hadoop ecosystem
  • Key security considerations
  • Reference architecture for Big Data security
  • Summary
  • Chapter 2: Hadoop Security Design
  • What is Kerberos?
  • Key Kerberos terminologies
  • How Kerberos works?
  • Kerberos advantages
  • The Hadoop default security model with Kerberos
  • Hadoop Kerberos security implementation
  • User-level access controls
  • Service-level access controls
  • User and service authentication
  • Delegation Token
  • Job Token
  • Block Access Token
  • Summary
  • Chapter 3: Setting up a Secured Hadoop Cluster
  • Prerequisites
  • Setting up Kerberos
  • Installing the Key Distribution Center
  • Configuring the Key Distribution Center
  • Establishing the KDC database
  • Setting up the administrator principal for KDC
  • Starting the Kerberos daemons
  • Setting up the first Kerberos administrator
  • Adding the user or service principals
  • Configuring LDAP as the Kerberos database
  • Supporting AES-256 encryption for a Kerberos ticket
  • Configuring Hadoop with Kerberos authentication
  • Setting up the Kerberos client on all the Hadoop nodes
  • Setting up the Hadoop service principals
  • Creating a keytab file for the Hadoop services
  • Distributing the keytab file for all slaves
  • Setting up the Hadoop configuration files
  • HDFS-related configurations
  • MRV1-related configurations
  • MRV2-related configurations
  • Setting up secured DataNode
  • Setting up the TaskController class
  • Configuring users for Hadoop
  • Automation of secured Hadoop deployment
  • Summary
  • Chapter 4: Securing the Hadoop Ecosystem
  • Configuring Kerberos for Hadoop ecosystem components
  • Securing Hive.
  • Securing Hive using Sentry
  • Securing Oozie
  • Securing Flume
  • Securing Flume sources
  • Securing Hadoop sink
  • Securing a Flume channel
  • Securing HBase
  • Securing Sqoop
  • Securing Pig
  • Best practices for securing the Hadoop ecosystem components
  • Summary
  • Chapter 5: Integrating Hadoop with Enterprise Security Systems
  • Integrating Enterprise Identity Management systems
  • Configuring EIM integration with Hadoop
  • Integrating Active Directory-based EIM with the Hadoop ecosystem
  • Accessing a secured Hadoop cluster from an enterprise network
  • HttpFS
  • HUE
  • Knox Gateway Server
  • Summary
  • Chapter 6: Securing Sensitive Data in Hadoop
  • Securing sensitive data in Hadoop
  • Approach for securing insights in Hadoop
  • Securing data in motion
  • Securing data at rest
  • Implementing data encryption in Hadoop
  • Summary
  • Chapter 7: Security Event and Audit Logging in Hadoop
  • Security Incident and Event Monitoring in a Hadoop Cluster
  • The Security Incident and Event Monitoring (SIEM) system
  • Setting up audit logging in a secured Hadoop cluster
  • Configuring Hadoop audit logs
  • Summary
  • Appendix: Solutions Available for Securing Hadoop
  • Hadoop distribution with enhanced security support
  • Automation of secured Hadoop cluster deployment
  • Cloudera Manager
  • Zettaset
  • Different Hadoop data encryption options
  • Dataguise for Hadoop
  • Gazzang zNcrypt
  • eCryptfs for Hadoop
  • Securing the Hadoop ecosystem with Project Rhino
  • Mapping of the security technologies with the reference architecture
  • Infrastructure security
  • OS and filesystem security
  • Application security
  • Network perimeter security
  • Data masking and encryption
  • Authentication and authorization
  • Audit logging, security policies, and procedures
  • Security Incident and Event Monitoring
  • Index.

Ejemplares similares