Page1 © Hortonworks Inc. 2011 – 2015. All Rights Reserved
Securing Hadoop With Apache Ranger
Strategies & Best Practices
11 June 2015 – Hadoop Summit, San Jose
Presented by:
Selvamohan Neethiraj, Hortonworks
Velmurugan Periasamy, Hortonworks
Session overview
Secured by:
Speakers Introduction
Selvamohan Neethiraj
Senior Director, Enterprise Security Development, Hortonworks
Velmurugan Periasamy
Senior Technical Manager, Hortonworks
Agenda
• Current Hadoop Security
• What Ranger Brings
• Ranger Demo
• Best Practices
• Q & A
Universal Security Principles
• Authentication
– Who is the user?
• Authorization
– What can the user do?
• Auditing
– Record user’s activities
• Data Integrity
– It is what it is
• Confidentiality
– Restricted
How does Hadoop handle security?
• Authentication [Simple, Kerberos]
• Authorization [ACL on files/folders]
• Auditing [audit log on hosts]
• Data Integrity [SSL communication]
• Confidentiality [TDE]
Security on Hadoop tool sets
• HDFS
• Hive
• HBase
• Knox
• Storm
• Oozie
• Spark
• Kafka
• Solr
• KMS
Example Access Scenario
[Diagram: users access an HDFS file/folder, a Hive table and an HBase table. HDFS checks its ACL and writes to the HDFS audit log; Hive performs its own authorization check and writes to the Hive audit log; HBase performs its own authz check and writes to the HBase audit log.]
Example Access Scenario with Ranger
[Diagram: users access an HDFS file/folder, a Hive table and an HBase table. In each component (HDFS, Hive, HBase) a Ranger plugin enforces policies and writes audit. The plugins download defined policies from the centralized policy store (Ranger Policy store) and write to the centralized audit store (Ranger Audit store). Centralized security policy management and auditing are provided by Ranger.]
Core Ranger Features:
• Ranger 0.4.0
– Authorization support for HDFS, Hive, HBase, Knox, Storm
– Audit destination support for HDFS, DB
• Ranger 0.5.0 (Released yesterday!)
– Support for High Availability (HA)
– Support for Transparent Data Encryption with KMS implementation
– Support for more plugins (Yarn, Kafka, Solr)
– Solr as audit destination
– Stack based implementation of plugins
– Dynamic policies with many other attributes
– Internal permission model within Ranger Admin UI
– Tighter integration with Apache Ambari
Ranger: Centralized Policy Admin
Ranger Architecture
[Diagram: components shown are the Ranger Policy Admin Server, the Ranger User Sync Server, the Ranger Policy DB, the Ranger Audit Store and the Ranger plugins (HDFS, Hive, HBase, Knox, Storm). Security administrators define policies and audit user activity. The user sync server syncs users from enterprise directory services. Enterprise legacy systems connect through policy integration. Enterprise users authenticate and access data in Hadoop systems, where the Ranger plugins authorize the access and audit the activity; the plugins sync policies and store audit activity.]
Apache Ranger Summary
• Comprehensive security for Hadoop ecosystem
• Apache Incubator Project – 100% open source
• Centralized Administration of Security Policies
• Integration with HDFS, Hive, HBase, Knox, Storm, …
• More component integrations coming
• Ensures consistent coverage across entire Hadoop stack
Ranger Implementation - components
Ranger policy admin server
• Central interface for security administration.
• Users can create and update policies, view audit activities, manage users.
Ranger user sync server
• Synchronization utility to pull users and groups from Unix or LDAP or Active Directory.
• User/group information is stored within Ranger admin policy DB and used for policy definition.
Ranger plugins
• Lightweight Java programs within Hadoop component.
• Pull in policies from policy admin server and store them locally in cache.
• Act as authorization module and evaluate user requests against security policies before granting access.
• Collect data from user request and store this data into the audit store.
Ranger Policy Admin Server
• Provides web interface to support Ranger activities
– Define repositories (resources to be authorized)
– Define access policies (specify which users/groups can access which resources)
– Manage users/groups
– Define auditing policies
– View/Analyze audit data
• Runs embedded Tomcat server
• Supports LDAP/AD and Unix authentication
Ranger User/Group Sync Server
• Stand-alone Java server
• Retrieves users/groups from enterprise directories
• Creates these users/groups in Ranger DB for:
– supporting policy definition
– allowing access to Ranger policy admin server
• Supports synchronization of users/groups:
– LDAP
– Active Directory
– Unix
Ranger Plugin – HDFS Integration
• HDFS Permissions
• POSIX-like permission model (owner/group for files and folders)
• ACLs for fine-grained permissions (for specific sets of users/groups)
• hdfs dfs -getfacl [-R] <path>
• hdfs dfs -setfacl [-R] [options] <path>
• dfs.permissions.enabled must be set to true
Ranger Plugin – HDFS Integration
• Ranger plugin acts as an authorizer within the NameNode.
• Must be installed on all NameNodes (in an HA environment)
• User can define policies on files and folders
• Wildcards can be used to define policies (/finance/audit_*)
• Read, Write, Execute permissions are allowed
• Plugin evaluates HDFS requests and provides access
• If no specific Ranger policy exists, HDFS ACLs are used as fallback
Ranger Plugin – Hive Integration
• Hive facilitates querying and managing large datasets in distributed storage (on top of Hadoop)
• HiveServer2 (HS2) is a server interface to Hive
• HiveServer2 supports access control similar to the relational database model
– SELECT/UPDATE/DELETE permissions on tables/columns
– Permissions defined for USERS/ROLES
• Also provides a pluggable authorizer model
Ranger Plugin – Hive Integration
• Ranger plugin acts as authorization provider for HiveServer2
• User can define policies on databases, tables/views, columns and UDFs
• Select, Update, Create, Drop, Alter, Index, Lock permissions allowed
• Plugin evaluates Hive requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
• A specific Ranger policy must exist for gaining access
Ranger Plugin – Hive Integration
• When the user executes GRANT/REVOKE statements, the Hive plugin creates/deletes the necessary Ranger policies (provided the user has permission to create/delete policies)
– GRANT SELECT, UPDATE, ALTER ON TABLE test_data TO USER guest; ← will create a new Ranger policy
– REVOKE UPDATE, ALTER ON TABLE test_data FROM USER guest; ← will update/delete existing Ranger policy
• Also, a ROLE specified in the GRANT/REVOKE statements will be mapped to the corresponding GROUPS from your corporate directories
• Optionally, you can disable GRANT/REVOKE commands, i.e. force authorization policy management solely via Ranger Policy Admin
Ranger Plugin – HBase Integration
• HBase is a non-relational DB on top of Hadoop/HDFS
• HBase provides Role Based Access Control/ACLs
• ACLs are implemented as a coprocessor called AccessController
• Ranger implements a similar coprocessor for enforcing access control based on Ranger policies
Ranger Plugin – HBase Integration
• Ranger plugin is implemented as a coprocessor of HBase Master/Region Servers to enforce Ranger policies
• User can define policies on tables, column families and qualifiers
• Supports wildcards in defining policies (table = fin_*, col_fam = audit*)
• Read, Write, Create, Admin permissions allowed
• Plugin evaluates HBase requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
• A specific Ranger policy must exist for gaining access
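The fallback difference between the plugins, modelled as an added example (not code from the slides or from Apache Ranger): a request that no Ranger policy grants falls through to native permissions on HDFS but is denied on Hive and HBase. The policy shape, names and sample data are constructed, and reading "no specific policy exists" as "no policy grants the request" is an assumption of this model.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Components that, per the slides, fall back to native permissions.
NATIVE_FALLBACK = {"hdfs"}


@dataclass
class Policy:
    name: str
    component: str    # "hdfs", "hive" or "hbase"
    resource: dict    # resource element -> wildcard pattern
    users: set
    groups: set
    permissions: set


@dataclass
class Request:
    component: str
    resource: dict    # resource element -> concrete value
    user: str
    groups: set
    permission: str


def covers(policy, req):
    """True if every resource element named by the policy matches the request."""
    if policy.component != req.component:
        return False
    return all(fnmatchcase(req.resource.get(elem, ""), pattern)
               for elem, pattern in policy.resource.items())


def grants(policy, req):
    """True if the policy names the user (directly or by group) and the permission."""
    named = req.user in policy.users or bool(policy.groups & req.groups)
    return named and req.permission in policy.permissions


def evaluate(req, policies, native_acl):
    """Return (allowed, decided_by) for one request."""
    for p in policies:
        if covers(p, req) and grants(p, req):
            return True, "ranger:" + p.name
    if req.component in NATIVE_FALLBACK:
        # HDFS: no Ranger policy granted the request, so native ACLs decide.
        path_acl = native_acl.get(req.resource.get("path"), {})
        return req.permission in path_acl.get(req.user, set()), "hdfs-native"
    # Hive/HBase: a specific Ranger policy must exist, otherwise deny.
    return False, "no-ranger-policy"


# Constructed sample policies mirroring the wildcard examples on the slides.
POLICIES = [
    Policy("finance-audit", "hdfs", {"path": "/finance/audit_*"},
           set(), {"finance"}, {"read", "execute"}),
    Policy("guest-test-data", "hive", {"database": "default", "table": "test_data"},
           {"guest"}, set(), {"select"}),
    Policy("bob-fin-audit", "hbase", {"table": "fin_*", "column-family": "audit*"},
           {"bob"}, set(), {"read"}),
]

# Constructed native HDFS ACL: path -> user -> permissions.
NATIVE_ACL = {"/finance/audit_2015": {"dave": {"read"}}}


def demo():
    """Evaluate a few constructed requests and return (user, allowed, decided_by)."""
    audit_file = {"path": "/finance/audit_2015"}
    table = {"database": "default", "table": "test_data"}
    requests = [
        Request("hdfs", audit_file, "alice", {"finance"}, "read"),
        Request("hdfs", audit_file, "dave", {"ops"}, "read"),
        Request("hdfs", audit_file, "eve", set(), "read"),
        Request("hive", table, "guest", set(), "select"),
        Request("hive", table, "guest", set(), "update"),
        Request("hbase", {"table": "fin_ledger", "column-family": "audit1"},
                "bob", set(), "read"),
        Request("hbase", {"table": "hr_data", "column-family": "audit1"},
                "bob", set(), "read"),
    ]
    return [(r.user, *evaluate(r, POLICIES, NATIVE_ACL)) for r in requests]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

In the `dave` case a user named by no Ranger policy still reads the file because the native ACL allows it, so native permissions under Ranger-managed HDFS paths need to be kept tight.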
Ranger Plugin – HBase Integration
• Similar to Hive, HBase also supports Grant/Revoke commands to manage access control from within the HBase shell.
• Ranger HBase plug-in creates/updates Ranger policies to reflect permissions set via Grant/Revoke (from within HBase)
– grant 'bob', 'RWCA', 'test_data' ← will create a new Ranger policy
– grant 'bob', 'R', 'test_data' ← will update the Ranger policy created by the earlier grant
• Option to disable Grant/Revoke commands, i.e. to force authorization policy management solely via the Ranger Policy Admin tool
Ranger Plugin – Knox Integration
• Knox provides perimeter security for Hadoop REST APIs
• Authentication and token verification at the perimeter
• Authentication integration with enterprise and cloud identity management systems
• Service level authorization at the perimeter
• Single URL hierarchy that aggregates REST APIs of a Hadoop cluster
• Hadoop services with built-in support currently:
– WebHDFS, WebHCat, Oozie
– HBase, Hive, YARN
Ranger Plugin – Knox Integration
• Knox provides service level authorization based on XML configuration.
• Ranger Knox plugin will allow service level authorization enforcement via Ranger policies by acting as Authz Provider within Knox Gateway
• User can define policies on topologies and services
• Provide access to services based on user/group/ip-address
– E.g. Finance group will have access to WebHDFS from 10.1.1.*
• Plugin evaluates Knox requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
Ranger Plugin – Storm Integration
• Storm is a distributed real-time computation system.
• Storm provides general primitives for real-time computation similar to how Hadoop provides general primitives for batch processing.
• Storm Topologies :: Hadoop MR Jobs
• Nimbus server (runs on master node) and Supervisor (runs on each worker node). Communication via ZooKeeper
• Storm security is implemented based on Kerberos authentication
Ranger Plugin – Storm Integration
• Ranger plugin acts as an authorizer within the Nimbus server
• Ranger plugin can then authorize all incoming requests based on the Ranger policies.
• User can define policies on topologies
• Permissions that can be set
– getClusterInfo, Submit/Get/Kill/Activate/Deactivate Topology
• Plugin evaluates Storm requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
Ranger Auditing
• Auditing is configured through policies (like authorization)
• Resource access audit is supported with the following attributes
– User id, request type, repository, access resource, IP address, timestamp, access granted/denied
• Admin audit
– Changes to policies, login sessions and plugin-monitoring
• Audit destination - HDFS and SOLR are supported, along with custom LOG4J based logging …
Ranger Demo
Strategies & Best practices
• Authentication Process
– Kerberos is a MUST
• Centralized Access Control & Auditing
– Use Ranger to define & enforce the security policies
• Enable wire encryption
• For confidential data, use Hadoop TDE for data encryption (at rest)
• Be aware of file permissions for keystores & Kerberos keytabs
• Protect access to log files
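A check for the last two bullets, as an added example (not from the slides): it walks a directory tree and reports keytab/keystore files that grant any access to group or others, and log files that grant any access to others. The file suffixes and the two thresholds are assumptions to adjust to the cluster's layout; the sample files are constructed in a temporary directory.

```python
import os
import stat
import tempfile

# Assumed naming conventions for secrets and logs (not taken from the slides).
SECRET_SUFFIXES = (".keytab", ".jks", ".jceks")
LOG_SUFFIXES = (".log",)


def find_exposed_files(root):
    """Return sorted (relative_path, kind, mode) for files that are too open.

    Secrets must carry no group/other bits (mask 0o077);
    logs must carry no bits for others (mask 0o007).
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):  # symlinked dirs are not followed
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)                  # do not follow symlinks
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            if name.endswith(SECRET_SUFFIXES):
                kind, excess = "secret", mode & 0o077
            elif name.endswith(LOG_SUFFIXES):
                kind, excess = "log", mode & 0o007
            else:
                continue
            if excess:
                findings.append((os.path.relpath(path, root), kind, oct(mode)))
    return sorted(findings)


def demo():
    """Build a constructed directory of sample files and scan it."""
    samples = [
        ("nn.keytab", 0o600),    # owner-only: fine
        ("hive.keytab", 0o644),  # world-readable keytab
        ("server.jks", 0o640),   # group-readable keystore
        ("audit.log", 0o640),    # group-readable log: accepted by this model
        ("access.log", 0o644),   # world-readable log
        ("notes.txt", 0o666),    # not a secret or log: ignored
    ]
    with tempfile.TemporaryDirectory() as root:
        for name, mode in samples:
            path = os.path.join(root, name)
            open(path, "w").close()
            os.chmod(path, mode)
        return find_exposed_files(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```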
Ranger Resources
• Do NOT miss the BoF on Apache Ranger/Knox
• Interested in Security?
– Join Ranger Community to strengthen Hadoop Security!!
• Join and Contribute!
– Apache Ranger website - http://ranger.incubator.apache.org/
– Ranger Wiki - https://cwiki.apache.org/confluence/display/RANGER/Index
Q & A
 
Computer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near YouComputer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near YouDataWorks Summit
 
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache SparkBig Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache SparkDataWorks Summit
 

Mais de DataWorks Summit (20)

Data Science Crash Course
Data Science Crash CourseData Science Crash Course
Data Science Crash Course
 
Floating on a RAFT: HBase Durability with Apache Ratis
Floating on a RAFT: HBase Durability with Apache RatisFloating on a RAFT: HBase Durability with Apache Ratis
Floating on a RAFT: HBase Durability with Apache Ratis
 
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFiTracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
 
HBase Tales From the Trenches - Short stories about most common HBase operati...
HBase Tales From the Trenches - Short stories about most common HBase operati...HBase Tales From the Trenches - Short stories about most common HBase operati...
HBase Tales From the Trenches - Short stories about most common HBase operati...
 
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
 
Managing the Dewey Decimal System
Managing the Dewey Decimal SystemManaging the Dewey Decimal System
Managing the Dewey Decimal System
 
Practical NoSQL: Accumulo's dirlist Example
Practical NoSQL: Accumulo's dirlist ExamplePractical NoSQL: Accumulo's dirlist Example
Practical NoSQL: Accumulo's dirlist Example
 
HBase Global Indexing to support large-scale data ingestion at Uber
HBase Global Indexing to support large-scale data ingestion at UberHBase Global Indexing to support large-scale data ingestion at Uber
HBase Global Indexing to support large-scale data ingestion at Uber
 
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
Scaling Cloud-Scale Translytics Workloads with Omid and PhoenixScaling Cloud-Scale Translytics Workloads with Omid and Phoenix
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
 
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFiBuilding the High Speed Cybersecurity Data Pipeline Using Apache NiFi
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
 
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability ImprovementsSupporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability Improvements
 
Security Framework for Multitenant Architecture
Security Framework for Multitenant ArchitectureSecurity Framework for Multitenant Architecture
Security Framework for Multitenant Architecture
 
Presto: Optimizing Performance of SQL-on-Anything Engine
Presto: Optimizing Performance of SQL-on-Anything EnginePresto: Optimizing Performance of SQL-on-Anything Engine
Presto: Optimizing Performance of SQL-on-Anything Engine
 
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
 
Extending Twitter's Data Platform to Google Cloud
Extending Twitter's Data Platform to Google CloudExtending Twitter's Data Platform to Google Cloud
Extending Twitter's Data Platform to Google Cloud
 
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFiEvent-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
 
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
Securing Data in Hybrid on-premise and Cloud Environments using Apache RangerSecuring Data in Hybrid on-premise and Cloud Environments using Apache Ranger
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
 
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
 
Computer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near YouComputer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near You
 
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache SparkBig Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
 

Último

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Último (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

Securing Hadoop with Apache Ranger

  • 1. Securing Hadoop With Apache Ranger: Strategies & Best Practices
      11 June 2015 – Hadoop Summit, San Jose
      Presented by: Selvamohan Neethiraj, Hortonworks; Velmurugan Periasamy, Hortonworks
      © Hortonworks Inc. 2011 – 2015. All Rights Reserved
  • 2. Session overview
      Secured by:
  • 3. Speakers Introduction
      • Selvamohan Neethiraj – Senior Director, Enterprise Security Development, Hortonworks
      • Velmurugan Periasamy – Senior Technical Manager, Hortonworks
  • 4. Agenda
      • Current Hadoop Security
      • What Ranger Brings
      • Ranger Demo
      • Best Practices
      • Q & A
  • 5. Universal Security Principles
      • Authentication
          – Who is the user?
      • Authorization
          – What can the user do?
      • Auditing
          – Record user’s activities
      • Data Integrity
          – It is what it is
      • Confidentiality
          – Restricted
  • 6. How does Hadoop handle security?
      • Authentication [Simple, Kerberos]
      • Authorization [ACL on files/folders]
      • Auditing [audit log on hosts]
      • Data Integrity [SSL communication]
      • Confidentiality [TDE]
  • 7. Security on Hadoop tool sets
      • HDFS
      • Hive
      • HBase
      • Knox
      • Storm
      • Oozie
      • Spark
      • Kafka
      • Solr
      • KMS
  • 8. Agenda
      • Current Hadoop Security
      • What Ranger Brings
      • Ranger Demo
      • Best Practices
      • Q & A
  • 9. Example Access Scenario (diagram)
      • Users access HDFS file/folder → HDFS checks its ACL (HDFS ACL) → HDFS writes audit (HDFS audit log)
      • Users access Hive table → Hive authz check (Hive authorization) → Hive writes audit (Hive audit log)
      • Users access HBase table → HBase authz check (HBase ACL) → HBase writes audit (HBase audit log)
  • 10. Example Access Scenario with Ranger (diagram)
      • Users access HDFS file/folder → HDFS (HDFS ACL, Ranger plugin): plugin enforces policies and writes audit
      • Users access Hive table → Hive (Hive authorization, Ranger plugin): plugin enforces policies and writes audit
      • Users access HBase table → HBase (HBase ACL, Ranger plugin): plugin enforces policies and writes audit
      • Plugins download defined policies from the centralized policy store (Ranger policy store)
      • Plugins write to the centralized audit store (Ranger audit store)
      • Centralized security policy management and auditing provided by Ranger
  • 11. Core Ranger Features
      • Ranger 0.4.0
          – Authorization support for HDFS, Hive, HBase, Knox, Storm
          – Audit destination support for HDFS, DB
      • Ranger 0.5.0 (Released yesterday!)
          – Support for High Availability (HA)
          – Support for Transparent Data Encryption with KMS implementation
          – Support for more plugins (Yarn, Kafka, Solr)
          – Solr as audit destination
          – Stack based implementation of plugins
          – Dynamic policies with many other attributes
          – Internal permission model within Ranger Admin UI
          – Tighter integration with Apache Ambari
  • 12. Ranger: Centralized Policy Admin
  • 13. Ranger Architecture (diagram)
      • Components: Ranger Policy Admin Server, Ranger User Sync Server, Ranger Policy DB, Ranger Audit Store, Ranger plugins (HDFS, Hive, HBase, Knox, Storm)
      • Actors and external systems: Security Administrators, Enterprise Users, Enterprise Directory Services, Enterprise Legacy Systems
      • Flows: Sync Users; Define Policies; Audit user activity; Policy Integration; Authenticate; Access Data in Hadoop Systems; Sync Policies; Store Audit Activity
      • Ranger plugins authorize the access and audit the activity
  • 14. Apache Ranger Summary
      • Comprehensive security for Hadoop ecosystem
      • Apache Incubator Project – 100% open source
      • Centralized administration of security policies
      • Integration with HDFS, Hive, HBase, Knox, Storm, …
      • More components integration coming
      • Ensures consistent coverage across entire Hadoop stack
  • 15. Ranger Implementation - components
      • Ranger policy admin server
          – Central interface for security administration.
          – Users can create and update policies, view audit activities, manage users
      • Ranger user sync server
          – Synchronization utility to pull users and groups from Unix or LDAP or Active Directory.
          – User/group information is stored within Ranger admin policy DB and used for policy definition.
      • Ranger plugins
          – Lightweight Java programs within Hadoop component.
          – Pull in policies from policy admin server and store them locally in cache.
          – Act as Authorization module and evaluate user requests against security policies before granting access.
          – Collect data from user request and store this data into the audit store.
  • 16. Ranger Policy Admin Server
      • Provides web interface to support Ranger activities
          – Define repositories (resources to be authorized)
          – Define access policies (specify which users/groups can access which resources)
          – Manage users/groups
          – Define auditing policies
          – View/analyze audit data
      • Runs embedded Tomcat server
      • Supports LDAP/AD and Unix authentication
  • 17. Ranger User/Group Sync Server
      • Stand-alone Java server
      • Retrieves users/groups from enterprise directories
      • Creates these users/groups in Ranger DB for:
          – supporting policy definition
          – allowing access to Ranger policy admin server
      • Supports synchronization of users/groups:
          – LDAP
          – Active Directory
          – Unix
  • 18. Ranger Plugin – HDFS Integration
      • HDFS Permissions
          – POSIX-like permission model (owner/group for files and folders)
          – ACLs for fine-grained permissions (for specific set of users/groups)
          – hdfs dfs -getfacl [-R] <path>
          – hdfs dfs -setfacl [-R] [options] <path>
          – dfs.permissions.enabled must be set to true
  • 19. Ranger Plugin – HDFS Integration
      • Ranger Plugin acts as an authorizer within the NameNode.
      • Needs to be installed on all NameNodes (in an HA environment)
      • User can define policies on files and folders
      • Use of wildcard to define policies (/finance/audit_*)
      • Read, Write, Execute permissions are allowed
      • Plugin evaluates HDFS requests and provides access
      • If no specific Ranger policy exists, HDFS ACLs are used as fallback
  • 20. Ranger Plugin – Hive Integration
      • Hive facilitates querying and managing large datasets in distributed storage (on top of Hadoop)
      • HiveServer2 (HS2) is a server interface to Hive
      • HiveServer2 supports access control similar to the relational database model
          – SELECT/UPDATE/DELETE permissions on tables/columns
          – Permission defined for USERS/ROLES
      • Also provides a pluggable authorizer model
  • 21. Ranger Plugin – Hive Integration
      • Ranger Plugin acts as authorization provider for HiveServer2
      • User can define policies on databases, tables/views, columns and UDFs
      • Select, Update, Create, Drop, Alter, Index, Lock permissions allowed
      • Plugin evaluates Hive requests and grants/denies access based on the policies and creates necessary audit logs based on audit
      • Specific Ranger policy must exist for gaining access
  • 22. Ranger Plugin – Hive Integration
      • When the user executes GRANT/REVOKE statements, the Hive plugin will create/delete the necessary Ranger policies (provided the user has permission to create/delete policies)
          – GRANT SELECT, UPDATE, ALTER ON TABLE test_data TO USER guest; ← will create a new Ranger policy
          – REVOKE UPDATE, ALTER ON TABLE test_data FROM USER guest; ← will update/delete existing Ranger policy
      • Also, ROLE specified in the GRANT/REVOKE statements will be mapped to corresponding GROUPS from your corporate directories
      • Optionally, you can disable GRANT/REVOKE commands, i.e. to force authorization policy management solely via Ranger Policy Admin
  • 23. Ranger Plugin – HBase Integration
      • HBase is a non-relational DB on top of Hadoop/HDFS
      • HBase provides Role Based Access Control/ACLs
      • ACLs are implemented as a coprocessor called AccessController
      • Ranger implements a similar coprocessor for enforcing access control based on Ranger policies
  • 24. Ranger Plugin – HBase Integration
      • Ranger Plugin is implemented as a coprocessor of HBase Master/Region Servers to enforce Ranger policies
      • User can define policies on tables, column families and qualifiers
      • Supports wildcard in defining policies (table = fin_*, col_fam = audit*)
      • Read, Write, Create, Admin permissions allowed
      • Plugin evaluates HBase requests and grants/denies access based on the policies and creates necessary audit logs based on audit
      • Specific Ranger policy must exist for gaining access
  • 25. Ranger Plugin – HBase Integration
      • Similar to Hive, HBase also supports Grant/Revoke commands to manage access control from within the HBase shell.
      • Ranger HBase plug-in creates/updates Ranger policies to reflect permissions set via Grant/Revoke (from within HBase)
          – grant 'bob', 'RWCA', 'test_data' ← will create a new Ranger policy
          – grant 'bob', 'R', 'test_data' ← will update the Ranger policy created by earlier grant
      • Option to disable Grant/Revoke commands, i.e. to force authorization policy management solely via Ranger Policy Admin tool
  • 26. Ranger Plugin – Knox Integration
      • Knox provides perimeter security for Hadoop REST API
          – Authentication and token verification at the perimeter
          – Authentication integration with enterprise and cloud identity management systems
          – Service level authorization at the perimeter
      • Single URL hierarchy that aggregates REST APIs of a Hadoop cluster
      • Hadoop services with built-in support currently!
          – WebHDFS, WebHCat, Oozie
          – HBase, Hive, Yarn
  • 27. Ranger Plugin – Knox Integration
      • Knox provides service level authorization based on XML configuration.
      • Ranger Knox Plugin will allow service level authorization enforcement via Ranger policies by acting as Authz Provider within Knox Gateway
      • User can define policies on topologies and services
      • Provide access to services based on user/group/ip-address
          – E.g. Finance group will have access to WebHDFS from 10.1.1.*
      • Plugin evaluates Knox requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
  • 28. Ranger Plugin – Storm Integration
      • Storm is a distributed real-time computation system.
      • Storm provides general primitives for real-time computation similar to how Hadoop provides general primitives for batch processing.
      • Storm Topologies :: Hadoop MR Jobs
      • Nimbus server (runs on master node) and Supervisor (runs on each worker node). Communication via ZooKeeper
      • Storm security is implemented based on Kerberos authentication
  • 29. Ranger Plugin – Storm Integration
      • Ranger Plugin acts as an authorizer within Nimbus server
      • Ranger plugin then can authorize all incoming requests based on the Ranger policies.
      • User can define policies on topologies
      • Permissions that can be set
          – getClusterInfo, Submit/Get/Kill/Activate/Deactivate Topology
      • Plugin evaluates Storm requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
  • 30. Ranger Auditing
      • Auditing is configured through policies (like authorization)
      • Resource access audit supported with following attributes
          – User id, request type, repository, access resource, IP address, timestamp, access granted/denied
      • Admin audit
          – Changes to policies, login sessions and plugin-monitoring
      • Audit Destination - HDFS, SOLR are supported, along with custom LOG4J based logging …
  • 31. Agenda
      • Current Hadoop Security
      • What Ranger Brings
      • Ranger Demo
      • Best Practices
      • Q & A
  • 32. Ranger Demo
  • 33. Agenda
      • Current Hadoop Security
      • What Ranger Brings
      • Ranger Demo
      • Best Practices
      • Q & A
  • 34. Strategies & Best practices
      • Authentication Process
          – Kerberos is a MUST
      • Centralized Access Control & Auditing
          – Use Ranger to define & enforce the security policies
      • Enable wire encryption
      • For confidential data, use Hadoop TDE for data encryption (at rest)
      • Be aware of file permissions for keystore & Kerberos keytab
      • Protect access to log files
  • 35. Ranger Resources
      • Do NOT Miss BoF on Apache Ranger/Knox
      • Interested in Security? Join Ranger Community to strengthen Hadoop Security!!
      • Join and Contribute!
          – Apache Ranger website - http://ranger.incubator.apache.org/
          – Ranger Wiki - https://cwiki.apache.org/confluence/display/RANGER/Index
  • 36. References
      • http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/HdfsPermissionsGuide.html
      • https://cwiki.apache.org/confluence/display/Hive/LanguageManual+Authorization
      • http://hbase.apache.org/book/hbase.accesscontrol.configuration.html
      • https://knox.apache.org/books/knox-0-5-0/knox-0-5-0.html
      • https://github.com/apache/storm/blob/master/SECURITY.md
  • 37. Q & A
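
Slides 19, 21, 24 and 27 give the plugins different defaults: HDFS falls back to its own ACLs when no Ranger policy applies, while Hive and HBase require a specific Ranger policy, and Knox policies can also key on the client IP. The Python model below is an added example, not code from the slides or from Apache Ranger; the classes, the flattened resource strings such as `default/test_data`, the `default` Knox topology, the native-ACL table and the default-deny for Knox are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from fnmatch import fnmatchcase

# Repositories whose plugin falls back to the component's native check when no
# Ranger policy grants the request (slide 19: HDFS). Hive and HBase need a
# specific Ranger policy (slides 21, 24). Treating Knox like Hive/HBase is an
# assumption of this model; slide 27 does not state a default.
NATIVE_FALLBACK_REPOS = {"hdfs"}


@dataclass(frozen=True)
class Policy:
    repo: str
    resource: str            # wildcard pattern, e.g. "/finance/audit_*"
    perms: frozenset
    users: frozenset = frozenset()
    groups: frozenset = frozenset()
    client_ips: str = "*"    # wildcard on the client address (Knox, slide 27)


@dataclass(frozen=True)
class Request:
    repo: str
    resource: str
    perm: str
    user: str
    groups: frozenset
    client_ip: str


def policy_grants(policy, req):
    """True when one policy covers the resource, identity, permission and source IP."""
    # fnmatch's "*" also matches "/", a simplification of real resource matching.
    return (policy.repo == req.repo
            and fnmatchcase(req.resource, policy.resource)
            and req.perm in policy.perms
            and (req.user in policy.users or bool(policy.groups & req.groups))
            and fnmatchcase(req.client_ip, policy.client_ips))


def authorize(policies, req, native_check=None):
    """Decide a request and return an audit record with the slide-30 attributes."""
    enforcer = "ranger-policy"
    granted = any(policy_grants(p, req) for p in policies)
    if not granted and req.repo in NATIVE_FALLBACK_REPOS and native_check:
        enforcer = "native-acl"          # HDFS only: defer to the native ACL
        granted = bool(native_check(req))
    return {
        "user": req.user, "request_type": req.perm, "repository": req.repo,
        "resource": req.resource, "client_ip": req.client_ip,
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "result": "granted" if granted else "denied", "enforcer": enforcer,
    }


# Constructed sample policies mirroring the examples on the slides.
POLICIES = [
    Policy("hdfs", "/finance/audit_*", frozenset({"read"}),
           groups=frozenset({"finance"})),
    Policy("hive", "default/test_data", frozenset({"select", "update", "alter"}),
           users=frozenset({"guest"})),
    Policy("hbase", "fin_*/audit*", frozenset({"read"}),
           groups=frozenset({"finance"})),
    Policy("knox", "default/WEBHDFS", frozenset({"allow"}),
           groups=frozenset({"finance"}), client_ips="10.1.1.*"),
]

# Constructed stand-in for HDFS permissions/ACLs: path -> {user: permissions}.
NATIVE_HDFS_ACL = {"/tmp/scratch.txt": {"bob": {"read", "write"}}}


def native_hdfs_check(req):
    return req.perm in NATIVE_HDFS_ACL.get(req.resource, {}).get(req.user, set())


def run_demo():
    """Evaluate constructed requests and return their audit records."""
    fin, eng = frozenset({"finance"}), frozenset({"eng"})
    requests = [
        Request("hdfs", "/finance/audit_2015.csv", "read", "alice", fin, "10.1.1.25"),
        Request("hdfs", "/tmp/scratch.txt", "read", "bob", eng, "10.1.1.30"),
        Request("hdfs", "/finance/audit_2015.csv", "read", "bob", eng, "10.1.1.30"),
        Request("hive", "default/test_data", "select", "bob", eng, "10.1.1.30"),
        Request("hbase", "fin_ledger/audit_cf", "read", "alice", fin, "10.1.1.25"),
        Request("knox", "default/WEBHDFS", "allow", "alice", fin, "10.1.1.25"),
        Request("knox", "default/WEBHDFS", "allow", "alice", fin, "192.168.0.9"),
    ]
    return [authorize(POLICIES, r, native_hdfs_check) for r in requests]


if __name__ == "__main__":
    for rec in run_demo():
        print(rec["repository"], rec["user"], rec["resource"],
              rec["client_ip"], rec["result"], rec["enforcer"])
```

The second and third requests show why native HDFS permissions still matter: when no Ranger policy grants access, the decision is whatever the HDFS ACL says, so permissive native permissions stay effective.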
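
Slide 34 advises watching file permissions on keystores and Kerberos keytabs. One way to check this on a host, as an added example that is not part of the slides: the script walks a directory and reports secret files whose mode bits expose them. The suffix list, the sample file names and the `allow_group_read` switch are assumptions; the sample files are constructed placeholders, not real keys.

```python
import os
import stat

# File suffixes treated as secrets. ".keytab" is the usual Kerberos keytab
# suffix; ".jks"/".jceks" for Java keystores is an assumption about the site.
SECRET_SUFFIXES = (".keytab", ".jks", ".jceks")


def check_secret_file(path, allow_group_read=False):
    """Return a list of findings for one file; an empty list means acceptable."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        return ["is a symlink; check the target instead"]
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if mode & stat.S_IRWXO:
        findings.append("accessible by others (mode %04o)" % mode)
    if mode & (stat.S_IWGRP | stat.S_IXGRP):
        findings.append("group write/execute set (mode %04o)" % mode)
    if mode & stat.S_IRGRP and not allow_group_read:
        findings.append("group readable (mode %04o)" % mode)
    return findings


def audit_secret_files(root, allow_group_read=False):
    """Walk root and map each problematic secret file to its findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        dir_mode = stat.S_IMODE(os.stat(dirpath).st_mode)
        # A world-writable directory without the sticky bit lets any user
        # replace the files in it, whatever their own mode is.
        loose_dir = bool(dir_mode & stat.S_IWOTH) and not dir_mode & stat.S_ISVTX
        for name in sorted(files):
            if not name.endswith(SECRET_SUFFIXES):
                continue
            path = os.path.join(dirpath, name)
            findings = check_secret_file(path, allow_group_read)
            if loose_dir:
                findings.append("parent directory is world-writable")
            if findings:
                report[path] = findings
    return report


def make_constructed_tree(root):
    """Create constructed sample files (placeholders, not a real cluster's keys)."""
    samples = {
        "nn.service.keytab": 0o400,      # owner read only: acceptable
        "hive.service.keytab": 0o644,    # world readable
        "spnego.service.keytab": 0o440,  # group readable
        "server.jks": 0o660,             # group writable
        "notes.txt": 0o644,              # not a secret file, ignored
    }
    for name, mode in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(b"constructed placeholder, not a real key\n")
        os.chmod(path, mode)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        make_constructed_tree(tmp)
        for path, findings in sorted(audit_secret_files(tmp).items()):
            print(os.path.basename(path), "->", "; ".join(findings))
```

Pass `allow_group_read=True` where a keytab is deliberately shared with a service group.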