Enviar pesquisa
Carregar
Securing Hadoop with Apache Ranger
•
79 gostaram
•
20,699 visualizações
DataWorks Summit
Seguir
Hadoop Summit 2015
Leia menos
Leia mais
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 37
Recomendados
Apache Hadoop Security - Ranger
Apache Hadoop Security - Ranger
Isheeta Sanghi
Apache Ranger
Apache Ranger
Rommel Garcia
Running Apache NiFi with Apache Spark : Integration Options
Running Apache NiFi with Apache Spark : Integration Options
Timothy Spann
Overview of new features in Apache Ranger
Overview of new features in Apache Ranger
DataWorks Summit
Dataflow with Apache NiFi
Dataflow with Apache NiFi
DataWorks Summit/Hadoop Summit
Integrating Apache NiFi and Apache Flink
Integrating Apache NiFi and Apache Flink
Hortonworks
Hive + Tez: A Performance Deep Dive
Hive + Tez: A Performance Deep Dive
DataWorks Summit
Apache NiFi Crash Course Intro
Apache NiFi Crash Course Intro
DataWorks Summit/Hadoop Summit
Recomendados
Apache Hadoop Security - Ranger
Apache Hadoop Security - Ranger
Isheeta Sanghi
Apache Ranger
Apache Ranger
Rommel Garcia
Running Apache NiFi with Apache Spark : Integration Options
Running Apache NiFi with Apache Spark : Integration Options
Timothy Spann
Overview of new features in Apache Ranger
Overview of new features in Apache Ranger
DataWorks Summit
Dataflow with Apache NiFi
Dataflow with Apache NiFi
DataWorks Summit/Hadoop Summit
Integrating Apache NiFi and Apache Flink
Integrating Apache NiFi and Apache Flink
Hortonworks
Hive + Tez: A Performance Deep Dive
Hive + Tez: A Performance Deep Dive
DataWorks Summit
Apache NiFi Crash Course Intro
Apache NiFi Crash Course Intro
DataWorks Summit/Hadoop Summit
Hadoop REST API Security with Apache Knox Gateway
Hadoop REST API Security with Apache Knox Gateway
DataWorks Summit
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4
Timothy Spann
Security and Data Governance using Apache Ranger and Apache Atlas
Security and Data Governance using Apache Ranger and Apache Atlas
DataWorks Summit/Hadoop Summit
Hadoop Security Architecture
Hadoop Security Architecture
Owen O'Malley
Apache Iceberg: An Architectural Look Under the Covers
Apache Iceberg: An Architectural Look Under the Covers
ScyllaDB
Hadoop Backup and Disaster Recovery
Hadoop Backup and Disaster Recovery
Cloudera, Inc.
Manage Add-On Services with Apache Ambari
Manage Add-On Services with Apache Ambari
DataWorks Summit
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
StampedeCon
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache Knox
Vinay Shukla
Apache NiFi in the Hadoop Ecosystem
Apache NiFi in the Hadoop Ecosystem
DataWorks Summit/Hadoop Summit
A Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and Hudi
Databricks
Parquet Hadoop Summit 2013
Parquet Hadoop Summit 2013
Julien Le Dem
Apache Tez - A New Chapter in Hadoop Data Processing
Apache Tez - A New Chapter in Hadoop Data Processing
DataWorks Summit
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Adam Doyle
Hive Anatomy
Hive Anatomy
nzhang
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Databricks
Using Apache Hive with High Performance
Using Apache Hive with High Performance
Inderaj (Raj) Bains
Apache Iceberg - A Table Format for Hige Analytic Datasets
Apache Iceberg - A Table Format for Hige Analytic Datasets
Alluxio, Inc.
Hive tuning
Hive tuning
Michael Zhang
Apache Sentry for Hadoop security
Apache Sentry for Hadoop security
bigdatagurus_meetup
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
DataWorks Summit
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
huguk
Mais conteúdo relacionado
Mais procurados
Hadoop REST API Security with Apache Knox Gateway
Hadoop REST API Security with Apache Knox Gateway
DataWorks Summit
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4
Timothy Spann
Security and Data Governance using Apache Ranger and Apache Atlas
Security and Data Governance using Apache Ranger and Apache Atlas
DataWorks Summit/Hadoop Summit
Hadoop Security Architecture
Hadoop Security Architecture
Owen O'Malley
Apache Iceberg: An Architectural Look Under the Covers
Apache Iceberg: An Architectural Look Under the Covers
ScyllaDB
Hadoop Backup and Disaster Recovery
Hadoop Backup and Disaster Recovery
Cloudera, Inc.
Manage Add-On Services with Apache Ambari
Manage Add-On Services with Apache Ambari
DataWorks Summit
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
StampedeCon
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache Knox
Vinay Shukla
Apache NiFi in the Hadoop Ecosystem
Apache NiFi in the Hadoop Ecosystem
DataWorks Summit/Hadoop Summit
A Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and Hudi
Databricks
Parquet Hadoop Summit 2013
Parquet Hadoop Summit 2013
Julien Le Dem
Apache Tez - A New Chapter in Hadoop Data Processing
Apache Tez - A New Chapter in Hadoop Data Processing
DataWorks Summit
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Adam Doyle
Hive Anatomy
Hive Anatomy
nzhang
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Databricks
Using Apache Hive with High Performance
Using Apache Hive with High Performance
Inderaj (Raj) Bains
Apache Iceberg - A Table Format for Hige Analytic Datasets
Apache Iceberg - A Table Format for Hige Analytic Datasets
Alluxio, Inc.
Hive tuning
Hive tuning
Michael Zhang
Apache Sentry for Hadoop security
Apache Sentry for Hadoop security
bigdatagurus_meetup
Mais procurados
(20)
Hadoop REST API Security with Apache Knox Gateway
Hadoop REST API Security with Apache Knox Gateway
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4
Security and Data Governance using Apache Ranger and Apache Atlas
Security and Data Governance using Apache Ranger and Apache Atlas
Hadoop Security Architecture
Hadoop Security Architecture
Apache Iceberg: An Architectural Look Under the Covers
Apache Iceberg: An Architectural Look Under the Covers
Hadoop Backup and Disaster Recovery
Hadoop Backup and Disaster Recovery
Manage Add-On Services with Apache Ambari
Manage Add-On Services with Apache Ambari
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
Apache Hadoop YARN – Multi-Tenancy, Capacity Scheduler & Preemption - Stamped...
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache Knox
Apache NiFi in the Hadoop Ecosystem
Apache NiFi in the Hadoop Ecosystem
A Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and Hudi
Parquet Hadoop Summit 2013
Parquet Hadoop Summit 2013
Apache Tez - A New Chapter in Hadoop Data Processing
Apache Tez - A New Chapter in Hadoop Data Processing
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Apache Iceberg Presentation for the St. Louis Big Data IDEA
Hive Anatomy
Hive Anatomy
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Running Apache Spark on a High-Performance Cluster Using RDMA and NVMe Flash ...
Using Apache Hive with High Performance
Using Apache Hive with High Performance
Apache Iceberg - A Table Format for Hige Analytic Datasets
Apache Iceberg - A Table Format for Hige Analytic Datasets
Hive tuning
Hive tuning
Apache Sentry for Hadoop security
Apache Sentry for Hadoop security
Semelhante a Securing Hadoop with Apache Ranger
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
DataWorks Summit
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
huguk
Hadoop security
Hadoop security
Shivaji Dutta
Managing enterprise users in Hadoop ecosystem
Managing enterprise users in Hadoop ecosystem
DataWorks Summit
Improvements in Hadoop Security
Improvements in Hadoop Security
DataWorks Summit
TriHUG October: Apache Ranger
TriHUG October: Apache Ranger
trihug
Improvements in Hadoop Security
Improvements in Hadoop Security
Chris Nauroth
Treat your enterprise data lake indigestion: Enterprise ready security and go...
Treat your enterprise data lake indigestion: Enterprise ready security and go...
DataWorks Summit
August 2014 HUG : Comprehensive Security for Hadoop
August 2014 HUG : Comprehensive Security for Hadoop
Yahoo Developer Network
Data Governance in Apache Falcon - Hadoop Summit Brussels 2015
Data Governance in Apache Falcon - Hadoop Summit Brussels 2015
Seetharam Venkatesh
Driving Enterprise Data Governance for Big Data Systems through Apache Falcon
Driving Enterprise Data Governance for Big Data Systems through Apache Falcon
DataWorks Summit
Saving the elephant—now, not later
Saving the elephant—now, not later
DataWorks Summit
Building a data-driven authorization framework
Building a data-driven authorization framework
DataWorks Summit
August 2014 HUG : Hive 13 Security
August 2014 HUG : Hive 13 Security
Yahoo Developer Network
Is your Enterprise Data lake Metadata Driven AND Secure?
Is your Enterprise Data lake Metadata Driven AND Secure?
DataWorks Summit/Hadoop Summit
Classification based security in Hadoop
Classification based security in Hadoop
Madhan Neethiraj
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Hortonworks
Atlas and ranger epam meetup
Atlas and ranger epam meetup
Alex Zeltov
Enterprise Data Classification and Provenance
Enterprise Data Classification and Provenance
DataWorks Summit/Hadoop Summit
Apache NiFi in the Hadoop Ecosystem
Apache NiFi in the Hadoop Ecosystem
Bryan Bende
Semelhante a Securing Hadoop with Apache Ranger
(20)
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
Extending Apache Ranger Authorization Beyond Hadoop: Review of Apache Ranger ...
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
Apache Argus - How do I secure my entire Hadoop cluster? Olivier Renault @ Ho...
Hadoop security
Hadoop security
Managing enterprise users in Hadoop ecosystem
Managing enterprise users in Hadoop ecosystem
Improvements in Hadoop Security
Improvements in Hadoop Security
TriHUG October: Apache Ranger
TriHUG October: Apache Ranger
Improvements in Hadoop Security
Improvements in Hadoop Security
Treat your enterprise data lake indigestion: Enterprise ready security and go...
Treat your enterprise data lake indigestion: Enterprise ready security and go...
August 2014 HUG : Comprehensive Security for Hadoop
August 2014 HUG : Comprehensive Security for Hadoop
Data Governance in Apache Falcon - Hadoop Summit Brussels 2015
Data Governance in Apache Falcon - Hadoop Summit Brussels 2015
Driving Enterprise Data Governance for Big Data Systems through Apache Falcon
Driving Enterprise Data Governance for Big Data Systems through Apache Falcon
Saving the elephant—now, not later
Saving the elephant—now, not later
Building a data-driven authorization framework
Building a data-driven authorization framework
August 2014 HUG : Hive 13 Security
August 2014 HUG : Hive 13 Security
Is your Enterprise Data lake Metadata Driven AND Secure?
Is your Enterprise Data lake Metadata Driven AND Secure?
Classification based security in Hadoop
Classification based security in Hadoop
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Simplify and Secure your Hadoop Environment with Hortonworks and Centrify
Atlas and ranger epam meetup
Atlas and ranger epam meetup
Enterprise Data Classification and Provenance
Enterprise Data Classification and Provenance
Apache NiFi in the Hadoop Ecosystem
Apache NiFi in the Hadoop Ecosystem
Mais de DataWorks Summit
Data Science Crash Course
Data Science Crash Course
DataWorks Summit
Floating on a RAFT: HBase Durability with Apache Ratis
Floating on a RAFT: HBase Durability with Apache Ratis
DataWorks Summit
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
DataWorks Summit
HBase Tales From the Trenches - Short stories about most common HBase operati...
HBase Tales From the Trenches - Short stories about most common HBase operati...
DataWorks Summit
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
DataWorks Summit
Managing the Dewey Decimal System
Managing the Dewey Decimal System
DataWorks Summit
Practical NoSQL: Accumulo's dirlist Example
Practical NoSQL: Accumulo's dirlist Example
DataWorks Summit
HBase Global Indexing to support large-scale data ingestion at Uber
HBase Global Indexing to support large-scale data ingestion at Uber
DataWorks Summit
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
DataWorks Summit
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
DataWorks Summit
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability Improvements
DataWorks Summit
Security Framework for Multitenant Architecture
Security Framework for Multitenant Architecture
DataWorks Summit
Presto: Optimizing Performance of SQL-on-Anything Engine
Presto: Optimizing Performance of SQL-on-Anything Engine
DataWorks Summit
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
DataWorks Summit
Extending Twitter's Data Platform to Google Cloud
Extending Twitter's Data Platform to Google Cloud
DataWorks Summit
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
DataWorks Summit
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
DataWorks Summit
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
DataWorks Summit
Computer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near You
DataWorks Summit
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
DataWorks Summit
Mais de DataWorks Summit
(20)
Data Science Crash Course
Data Science Crash Course
Floating on a RAFT: HBase Durability with Apache Ratis
Floating on a RAFT: HBase Durability with Apache Ratis
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
Tracking Crime as It Occurs with Apache Phoenix, Apache HBase and Apache NiFi
HBase Tales From the Trenches - Short stories about most common HBase operati...
HBase Tales From the Trenches - Short stories about most common HBase operati...
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
Optimizing Geospatial Operations with Server-side Programming in HBase and Ac...
Managing the Dewey Decimal System
Managing the Dewey Decimal System
Practical NoSQL: Accumulo's dirlist Example
Practical NoSQL: Accumulo's dirlist Example
HBase Global Indexing to support large-scale data ingestion at Uber
HBase Global Indexing to support large-scale data ingestion at Uber
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
Scaling Cloud-Scale Translytics Workloads with Omid and Phoenix
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
Building the High Speed Cybersecurity Data Pipeline Using Apache NiFi
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Supporting Apache HBase : Troubleshooting and Supportability Improvements
Security Framework for Multitenant Architecture
Security Framework for Multitenant Architecture
Presto: Optimizing Performance of SQL-on-Anything Engine
Presto: Optimizing Performance of SQL-on-Anything Engine
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
Introducing MlFlow: An Open Source Platform for the Machine Learning Lifecycl...
Extending Twitter's Data Platform to Google Cloud
Extending Twitter's Data Platform to Google Cloud
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
Securing Data in Hybrid on-premise and Cloud Environments using Apache Ranger
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Big Data Meets NVM: Accelerating Big Data Processing with Non-Volatile Memory...
Computer Vision: Coming to a Store Near You
Computer Vision: Coming to a Store Near You
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Big Data Genomics: Clustering Billions of DNA Sequences with Apache Spark
Último
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
The Digital Insurer
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Dropbox
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
apidays
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
Khushali Kathiriya
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Juan lago vázquez
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
Último
(20)
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
Architecting Cloud Native Applications
Architecting Cloud Native Applications
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Securing Hadoop with Apache Ranger
1.
Page1 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Securing Hadoop With Apache Ranger Strategies & Best Practices 11 June 2015 – Hadoop Summit, San Jose Presented by: Selvamohan Neethiraj, Hortonworks Velmurugan Periasamy, Hortonworks
2.
Page2 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Session overview Secured by:
3.
Page3 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Speakers Introduction Selvamohan Neethiraj Senior Director, Enterprise Security Development, HortonWorks Velmurugan Periasamy Senior Technical Manager, HortonWorks
4.
Page4 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Agenda Current Hadoop Security What Ranger Brings Ranger Demo Best Practices Q & A
5.
Page5 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Universal Security Principles • Authentication – Who is the user? • Authorization – What can the user do? • Auditing – Record user’s activities • Data Integrity – It is what it is • Confidentiality – Restricted
6.
Page6 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved How Hadoop handles security? • Authentication [Simple, Kerberos] • Authorization [Acl on files/folders] • Auditing [audit log on hosts] • Data Integrity [SSL communication] • Confidentiality [TDE]
7.
Page7 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Security on Hadoop tool sets • Hdfs • Hive • Hbase • Knox • Storm • Oozie • Spark • Kafka • Solr • KMS
8.
Page8 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Agenda Current Hadoop Security What Ranger Brings Ranger Demo Best Practices Q & A
9.
Page9 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Example Access Scenario HDFS HDFS ACL HDFS audit log Users Access HDFS file/folder HDFS checks its ACL HDFS Writes audit Hive Hive Authoriza tion Hive audit log Hive authz check Hive Writes audit Access Hive table HBase HBase ACL Hbase audit log Hbase authz check HBase Writes audit Access Hbase table
10.
Page10 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Example Access Scenario with Ranger HDFS HDFS ACL Users Access HDFS file/folder Plugin Enforces policies And writes audit Hive Hive Authoriza tion Plugin Enforces policies And writes audit Plugins Write to Centralized Audit store Access Hive table HBase HBase ACL Plugin Enforces policies And writes audit Access Hbase table Ranger Policy store Ranger Audit store Ranger Plugin Ranger Plugin Ranger Plugin Plugins Download Defined Policies from Centralized Policy store Centralized Security Policy Management and Auditing provided by Ranger
11.
Page11 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Core Ranger Features: • Ranger 0.4.0 • Authorization Support for HDFS, Hive, HBase, Knox, Storm • Audit destination support for HDFS, DB • Ranger 0.5.0 (Released yesterday!) • Support for High Availability (HA) • Support for Transparent Data Encryption with KMS implementation • Support for more plugins (Yarn, Kafka, Solr) • Solr as audit destination • Stack based implementation of Plugins • Dynamic policies with many other attributes • Internal permission model within Ranger Admin UI • Tighter integration with Apache Ambari
12.
Page12 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger: Centralized Policy Admin
13.
Page13 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Architecture Ranger Policy Admin Server Ranger User Sync Server HDFS Ranger Plugin Enterprise Directory Services Sync Users Security Administrators Enterprise Users Define Policies Audit user activity Sync Users Enterprise Legacy Systems Policy Integration Access Data in Hadoop Systems Authenticate Ranger Plugins Authorize the Access & Audit the Activity Hive Ranger Plugin HBase Ranger Plugin Knox Ranger Plugin Storm Ranger Plugin Ranger Audit Store Sync Policies Store Audit Activity Ranger Policy DB
14.
Page14 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Apache Ranger Summary • Comprehensive security for Hadoop ecosystem • Apache Incubator Project – 100% open source • Centralized Administration of Security Policies • Integration with HDFS, Hive, Hbase, Knox, Storm, … • More components integration coming • Ensures consistent coverage across entire Hadoop stack
15.
Page15 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Implementation - components Central interface for security administration. Users can create and update policies, view audit activities, manage users Ranger policy admin server Synchronization utility to pull users and groups from Unix or LDAP or Active Directory. User/group information is stored within Ranger admin policy DB and used for policy definition. Ranger user sync server Lightweight Java programs within Hadoop component. Pull in policies from policy admin server and store them locally in cache. Act as Authorization module and evaluate user requests against security policies before granting access. Collect data from user request and store this data into the audit store. Ranger plugins
16.
Page16 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Policy Admin Server • Provides web interface to support ranger activities • Define repositories (resources to be authorized) • Define access policies (specify which users/groups can access to which resources) • Manage users/groups • Define auditing policies • View/Analyze audit data • Runs embedded tomcat server • Supports LDAP/AD and Unix authentication
17.
Page17 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger User/Group Sync Server • Stand-alone Java server • Retrieves users/groups from enterprise directories • Creates these users/groups in Ranger DB for.. • supporting policy definition • allowing access to Ranger policy admin server • Supports Synchronization of users/groups: • LDAP • Active Directory • Unix
18.
Page18 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – HDFS Integration • HDFS Permissions • POSIX like permission model (owner/group for files and folders) • ACL’s for fine-grained permissions (for specific set of users/groups) • hdfs dfs -getfacl [-R] <path> • hdfs dfs -setfacl [-R] [options] <path> • dfs.permissions.enabled must be set to true
19.
Page19 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – HDFS Integration • Ranger Plugin acts as an authorizer within Namenode. • Need to install in all name nodes (in HA environment) • User can define policies on files and folders • Use of wildcard to define policies (/finance/audit_*) • Read, Write, Execute permissions are allowed • Plugin evaluates HDFS requests and provide access • If no specific ranger policy exists, HDFS ACLs are used as fallback
20.
Page20 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Hive Integration • Hive facilitates querying and managing large datasets in distributed storage (on top of Hadoop) • HiveServer2 (HS2) is a server interface to Hive • HiveServer2 supports Access Control similar to relational database model • SELECT/UPDATE/DELETE permissions on tables/columns • Permission defined for USERS/ROLES • Also provides a pluggable authorizer model
21.
Page21 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Hive Integration • Ranger Plugin acts as authorization provider for Hive Server2 • User can define policies on databases, tables/view, columns and UDFs • Select, Update, Create, Drop, Alter, Index, Lock Permissions allowed • Plugin evaluates Hive requests and grants/denies access based on the policies and creates necessary audit logs based on audit • Specific Ranger policy must exist for gaining access
22.
Page22 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Hive Integration • When the user executes GRANT/REVOKE statements, the hive plugin will creates/deletes necessary Ranger Policies (provided the user has permission to create/delete policies) • GRANT SELECT, UPDATE, ALTER ON TABLE test_data TO USER guest; ← will create a new Ranger policy • REVOKE UPDATE, ALTER ON TABLE test_data FROM USER guest; ← will update/delete existing Ranger policy • Also, ROLE specified in the GRANT/REVOKE statements will be mapped to corresponding GROUPS from your corporate directories • Optionally, you can disable GRANT/REVOKE commands i.e. to force authorization policies management solely via Ranger Policy Admin
23.
Page23 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – HBase Integration • Hbase is a non-relational DB on top of Hadoop/HDFS • HBase Provides Role Based Access Control/ACLs • ACLs are implemented as a coprocessor called AccessController • Ranger implements a similar coprocessor for enforcing access control based on Ranger Policies
24.
Page24 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – HBase Integration • Ranger Plugin is implemented as a coprocessor of HBase Master/Region Servers to enforce Ranger Policies • User can define policies on tables, column families and qualifiers • Supports wildcard in defining policies (table = fin_*, col_fam = audit*) • Read, Write, Create, Admin permissions allowed • Plugin evaluates Hbase requests and grants/denies access based on the policies and creates necessary audit logs based on audit • Specific ranger policy must exist for gaining access
25.
Page25 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – HBase Integration • Similar to Hive, Hbase also supports Grant/Revoke commands to manage access control from within Hbase shell. • Ranger HBase plug-in creates/updates Ranger policies to reflect permissions set via Grant/Revoke (from within Hbase) • grant ‘bob’, ‘RWCA’, ‘test_data’ ← will create a new Ranger policy • grant ‘bob’, ‘R’, ‘test_data’ ← will update the Ranger policy created by earlier grant; • Option to disable Grant/revoke commands i.e. to force authorization policies management solely via Ranger Policy Admin tool
26.
Page26 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Knox Integration • Knox provides perimeter security for Hadoop REST API • Authentication and token verification at the perimeter • Authentication integration with enterprise and cloud identity management systems • Service level authorization at the perimeter • Single URL hierarchy that aggregates REST APIs of a Hadoop cluster • Hadoop services with built-in support currently! • WebHDFS, WebHCat, Oozie • Hbase, Hive, Yarn
27.
Page27 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Knox Integration • Knox provides service level authorization based on xml configuration. • Ranger Knox Plugin will allow service level authorization enforcement via Ranger Policies by acting as Authz Provider within Knox Gateway • User can define policies on topologies and services • Provide access to services based on user/group/ip-address • E.g. Finance group will have access to WebHDFS from 10.1.1.* • Plugin evaluates Knox requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
28.
Page28 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Storm Integration • Storm is a distributed real-time computation system. • Storm provides general primitives for real-time computation similar to how Hadoop provides general primitives for batch processing. • Storm Topologies :: Hadoop MR Jobs • Nimbus server (runs on master node) and Supervisor (runs on each worker node). Communication via ZooKeeper • Storm security is implemented based on Kerberos authentication
29.
Page29 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Plugin – Storm Integration • Ranger Plugin acts as an authorizer within Nimbus server • Ranger plugin then can authorize all incoming requests based on the Ranger Policies. • User can define policies on topologies • Permissions that can be set • getClusterInfo, Submit/Get/Kill/Activate/Deactivate Topology • Plugin evaluates Storm requests and grants/denies access based on the policies and creates necessary audit logs based on audit policies
30.
Page30 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Auditing • Auditing is configured through policies (like authorization) • Resource access audit supported with following attributes • User id, request type, repository, access resource, IP address, timestamp, access granted/denied • Admin audit • Changes to policies, login sessions and plugin-monitoring • Audit Destination - HDFS, SOLR are supported, along with custom LOG4J based logging …
31.
Page31 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Agenda Current Hadoop Security What Ranger Brings Ranger Demo Best Practices Q & A
32.
Page32 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Demo
33.
Page33 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Agenda Current Hadoop Security What Ranger Brings Ranger Demo Best Practices Q & A
34.
Page34 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Strategies & Best practices • Authentication Process • Kerberos is MUST • Centralized Access Control & Auditing • Use Ranger to define & enforce the security policies • Enable Wire encryption • For confidential data, use Hadoop TDE for data encryption (at rest) • Aware of file permission for keystore & kerberos keytab • Protect access to log files
35.
Page35 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Ranger Resources • Do NOT Miss BoF on Apache Ranger/Knox • Interested in Security ? -- Join Ranger Community to strengthen Hadoop Security!! • Join and Contribute! -- Apache Ranger website - http://ranger.incubator.apache.org/ -- Ranger Wiki - https://cwiki.apache.org/confluence/display/RANGER/Index
36.
Page36 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved References • http://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop- hdfs/HdfsPermissionsGuide.html • https://cwiki.apache.org/confluence/display/Hive/LanguageManual+Authorization • http://hbase.apache.org/book/hbase.accesscontrol.configuration.html • https://knox.apache.org/books/knox-0-5-0/knox-0-5-0.html • https://github.com/apache/storm/blob/master/SECURITY.md
37.
Page37 © Hortonworks
Inc. 2011 – 2015. All Rights Reserved Q & A Page 37