Data protection2015

Data protection2015

• 1.
  © Hortonworks Inc.2015 Protecting Enterprise Data in Apache Hadoop April 2015 Page 1 Owen O’Malley owen@hortonworks.com @owen_omalley
• 2.
  © Hortonworks Inc.2015 Security Page 2
• 3.
  © Hortonworks Inc.2015 Security Architecture Page 3
• 4.
  © Hortonworks Inc.2015 Attack Vectors Page 4
• 5.
  © Hortonworks Inc.2015 Attack Vectors Page 5
• 6.
  © Hortonworks Inc.2015 Threat: Accidental Damage Page 6
• 7.
  © Hortonworks Inc.2015 Threat: Remote Access Page 7
• 8.
  © Hortonworks Inc.2015 Threat: Eavesdropping Page 8
• 9.
  © Hortonworks Inc.2015 Threat: User accesses private data Page 9
• 10.
  © Hortonworks Inc.2015 Threat: Physical access Page 10
• 11.
  © Hortonworks Inc.2015 Threat: Hadoop Admin in Cluster Page 11
• 12.
  © Hortonworks Inc.2015 HDFS Encryption Page 12
• 13.
  © Hortonworks Inc.2015 KeyProvider API Page 13
• 14.
  © Hortonworks Inc.2015 Encryption Scheme Page 14
• 15.
  © Hortonworks Inc.2015 Threat: User reads private columns Page 15
• 16.
  © Hortonworks Inc.2015 ORC File Layout Page 16 File Footer Postscript Index Data Row Data Stripe Footer 256MBStripe Index Data Row Data Stripe Footer 256MBStripe Index Data Row Data Stripe Footer 256MBStripe Column 1 Column 2 Column 7 Column 8 Column 3 Column 6 Column 4 Column 5 Column 1 Column 2 Column 7 Column 8 Column 3 Column 6 Column 4 Column 5 Stream 2.1 Stream 2.2 Stream 2.3 Stream 2.4
• 17.
  © Hortonworks Inc.2015 Threat: User reads hidden values Page 17
• 18.
  © Hortonworks Inc.2015 Threat: Shadow Security Page 18
• 19.
  © Hortonworks Inc.2015 Resources Page 19
• 20.
  © Hortonworks Inc.2015 Thank You! Page 20