Hadoop security /

As more corporations turn to Hadoop to store and process their most valuable data, the risk of a potential breach of those systems increases exponentially. This practical book not only shows Hadoop administrators and security architects how to protect Hadoop data from unauthorized access, it also sh...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autores principales: Spivey, Ben (Autor), Echeverria, Joey (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Sebastopol, CA : O'Reilly Media, 2015.
Edición:First edition.
Temas:
Apache Hadoop.
Database security.
Data encryption (Computer science)
Data protection.
Bases de données > Sécurité > Mesures.
Chiffrement (Informatique)
Protection de l'information (Informatique)
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Copyright
  • Table of Contents
  • Foreword
  • Preface
  • Audience
  • Conventions Used in This Book
  • Using Code Examples
  • Safari® Books Online
  • How to Contact Us
  • Acknowledgments
  • From Joey
  • From Ben
  • From Eddie
  • Disclaimer
  • Chapter 1. Introduction
  • Security Overview
  • Confidentiality
  • Integrity
  • Availability
  • Authentication, Authorization, and Accounting
  • Hadoop Security: A Brief History
  • Hadoop Components and Ecosystem
  • Apache HDFS
  • Apache YARN
  • Apache MapReduce
  • Apache Hive
  • Cloudera Impala
  • Apache Sentry (Incubating)Apache HBase
  • Apache Accumulo
  • Apache Solr
  • Apache Oozie
  • Apache ZooKeeper
  • Apache Flume
  • Apache Sqoop
  • Cloudera Hue
  • Summary
  • Part I. Security Architecture
  • Chapter 2. Securing Distributed Systems
  • Threat Categories
  • Unauthorized Access/Masquerade
  • Insider Threat
  • Denial of Service
  • Threats to Data
  • Threat and Risk Assessment
  • User Assessment
  • Environment Assessment
  • Vulnerabilities
  • Defense in Depth
  • Summary
  • Chapter 3. System Architecture
  • Operating Environment
  • Network SecurityNetwork Segmentation
  • Network Firewalls
  • Intrusion Detection and Prevention
  • Hadoop Roles and Separation Strategies
  • Master Nodes
  • Worker Nodes
  • Management Nodes
  • Edge Nodes
  • Operating System Security
  • Remote Access Controls
  • Host Firewalls
  • SELinux
  • Summary
  • Chapter 4. Kerberos
  • Why Kerberos?
  • Kerberos Overview
  • Kerberos Workflow: A Simple Example
  • Kerberos Trusts
  • MIT Kerberos
  • Server Configuration
  • Client Configuration
  • Summary
  • Part II. Authentication, Authorization, and AccountingChapter 5. Identity and Authentication
  • Identity
  • Mapping Kerberos Principals to Usernames
  • Hadoop User to Group Mapping
  • Provisioning of Hadoop Users
  • Authentication
  • Kerberos
  • Username and Password Authentication
  • Tokens
  • Impersonation
  • Configuration
  • Summary
  • Chapter 6. Authorization
  • HDFS Authorization
  • HDFS Extended ACLs
  • Service-Level Authorization
  • MapReduce and YARN Authorization
  • MapReduce (MR1)
  • YARN (MR2)
  • ZooKeeper ACLs
  • Oozie Authorization
  • HBase and Accumulo AuthorizationSystem, Namespace, and Table-Level Authorization
  • Column- and Cell-Level Authorization
  • Summary
  • Chapter 7. Apache Sentry (Incubating)
  • Sentry Concepts
  • The Sentry Service
  • Sentry Service Configuration
  • Hive Authorization
  • Hive Sentry Configuration
  • Impala Authorization
  • Impala Sentry Configuration
  • Solr Authorization
  • Solr Sentry Configuration
  • Sentry Privilege Models
  • SQL Privilege Model
  • Solr Privilege Model
  • Sentry Policy Administration
  • SQL Commands
  • SQL Policy File

Ejemplares similares