SlideShare a Scribd company logo

The Future of Hadoop Security - Hadoop Summit 2014

Cloudera, Inc.
Cloudera, Inc.

Hadoop deployments are rapidly moving from pilots to production, enabling unprecedented opportunity to build big data applications that deliver faster access to more information to more users than ever before possible. Yet without the ability to address data security and compliance regulations, Hadoop will be limited to another data silo. In this talk, Matt Brandwein and David Tishgart discuss the requirements for securing Hadoop and how Cloudera (now with Gazzang) and Intel are collaborating in the open to deliver comprehensive, transparent, compliance-ready security to unlock the potential of the Hadoop ecosystem and enable innovation without compromise.

Technology
1 of 26
The Future of Hadoop Security Matt Brandwein @mattbrandwein David Tishgart @dtish
©2014 Cloudera, Inc. All rights reserved.2
©2014 Cloudera, Inc. All rights reserved.3
©2014 Cloudera, Inc. All rights reserved.4
Trusted Data Zone Sensitive Data, Multi-Tenant Access Hadoop “Data Lake” or Sandbox Non-Sensitive Data, Few Users RDBMS ©2014 Cloudera, Inc. All rights reserved. Hadoop is at risk of becoming another silo 5
✔ Meet compliance requirements ✔ Innovate without compromise ✔ Comprehensive security for all data ©2014 Cloudera, Inc. All rights reserved.6
©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage 7
©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Kerberos | AD/LDAP Today: First to market with Kerberos authentication Roadmap: Fully automated Kerberos that leverages existing active directory environment 8
©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Rhino | Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Today: Unified authorization for Hive, Impala, & Search through Apache Sentry Roadmap: Unified authorization across all access paths to data and metadata—Apache Sentry expansion 9
©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Today: First in the market with centralized audit capabilities Roadmap: Extend capabilities to cover more workloads including Spark 10
©2014 Cloudera, Inc. All rights reserved. • Founded: 2010 • Security: Singular product focus and a pillar of company culture. Security is at the front of everything we do • Big Data Expertise: While other security vendors retrofit their solutions for big data, Gazzang’s solutions are designed for the specific demands of Hadoop and NoSQL systems • Customer Success: Nearly 200 paying customers including several in the Fortune 1000 • Named a 2014 Cool Vendor in Big Data by Gartner About Gazzang 11
Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved. • We can ensure sensitive data and encryption keys are never stored in plain text nor exposed publicly • We can enable compliance (HIPAA, PCI-DSS, SOX, FERPA, EU data protection) initiatives that require at-rest encryption and key management 12 “I need to meet [insert acronym here] compliance”
©2014 Cloudera, Inc. All rights reserved. When thinking about compliance, consider the following: • Are your encryption processes (algorithm, key length) consistent with NIST Special Publication 800-111? • Are the encryption keys stored on a separate device or location from the encrypted data? • What kind of authentication and access controls are enforced? • Is the data secured in a manner that would enable you to claim “safe harbor” in the event of a breach? • Do the crypto modules meet FIPS 140-2 certification? • Can you account for all the sensitive data that may fall under compliance scope? Not all Data Security is Created Equal 13
Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.14 “I want security that won’t impose a harsh penalty” • We provide a transparent layer between the application and file system that dramatically reduces performance impact of encryption • We can make sure only applications that need access to plaintext data will have it
Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.15 “I need a centralized way to manage all my hadoop security artifacts” • Navigator key trustee provides cluster-level security, managing the growing volumes of Hadoop encryption keys, certificates, passwords • We can help you bring sensitive digital artifacts under a consistent set of controls and policies
Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.16 “It’s critical that no unauthorized parties can access my data” • Navigator encrypt can prevent admins and super users from accessing encrypted data • You can establish a variety of key retrieval policies that dictate who or what can access the secure artifact
©2014 Cloudera, Inc. All rights reserved. How does it work? Navigator encrypt provides transparent encryption for Hadoop data as it’s written to disk • AES-256 encryption for HDFS data, Hive metadata, log files, ingest paths, etc... • Process-based ACLs • High-performance optimized on Intel • Fast, easy deployment and configuration • Enterprise scalability • Keys protected by Navigator key trustee 17
©2014 Cloudera, Inc. All rights reserved. Navigator key trustee is a “virtual safe-deposit box” for managing encrypt keys or any other Hadoop security artifact How does it work? • Separates keys from encrypted data • Centralized management of SSL certificates, SSH keys, tokens, passwords, kerberos keytab files and more • Unique “trustee” and machine-based policies deliver multifactor authentication • Integration with HSMs from Thales, RSA and SafeNet • Multiple deployment options include on- prem or hosted SaaS offering 18
©2014 Cloudera, Inc. All rights reserved. Introducing the Cloudera Center for Security Excellence • Based in Austin, Texas • Comprehensive data and cluster security technologies • Hadoop security test and certification lab • Security ecosystem partner enablement • Intel chipset, cloud and virtualization security alignment `19
©2014 Cloudera, Inc. All rights reserved. Hadoop Security Successes 20 • Health exchange for Minnesota • Using Cloudera to log, track and run analytics on interactions between case workers and consumers • The ability to drive data privacy and HIPAA compliance on Hadoop were critical requirements and key factors in the selections of Cloudera and Gazzang • Surprised by the performance and ease of use • Wanted to get to know its customers better in an effort to improve service and sniff out fraud • Massive amount of personal and PCI data being collected, the company is encrypting everything in its Hadoop cluster • Data is segregated with Apache Sentry (incubating) and Kerberos, monitored by Cloudera Navigator and encrypted by Gazzang • Key manager and process-based ACL’s enable separation of keys and data based on “business need to know”
©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Previous: Cloudera Partners Today: Transparent Encryption + Enterprise Key Management Roadmap: Transparent Encryption for HDFS (includes work-through Project Rhino) + Enterprise Key Management 21
©2014 Cloudera, Inc. All rights reserved. Result: Cloudera is the most secure Hadoop platform Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Rhino | Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee 22
Batch Processing Analytic MPP SQL Search Engine Machine Learning Stream Processing End-to-End, Zero-Downtime System Administration Workload & Resource Management 3rd Party Apps Distributed Filesystem Online NoSQL Database Access Control Authorization Perimeter Authentication Data Protection Encryption, Key Management Data Lifecycle BDR, Snapshots Data Visibility Audit, Lineage ANALYTIC & PROCESSING ENGINES SYSTEMS MANAGEMENT UNIFIED DATA STORAGE & INTEGRATION SECURITY & GOVERNANCE CLOUDERA ENTERPRISE 5 Comprehensive, Transparent,Compliance-ReadySecurity ©2014 Cloudera, Inc. All rights reserved.23
Batch Processing Analytic MPP SQL Search Engine Machine Learning Stream Processing End-to-End, Zero-Downtime System Administration Workload & Resource Management 3rd Party Apps Distributed Filesystem Online NoSQL Database Access Control Authorization Perimeter Authentication Data Protection Encryption, Key Management Data Lifecycle BDR, Snapshots Data Visibility Audit, Lineage ANALYTIC & PROCESSING ENGINES SYSTEMS MANAGEMENT UNIFIED DATA STORAGE & INTEGRATION SECURITY & GOVERNANCE CLOUDERA ENTERPRISE 5 Comprehensive, Transparent,Compliance-ReadySecurity ©2014 Cloudera, Inc. All rights reserved.24
©2014 Cloudera, Inc. All rights reserved. Cloudera’s Vision for Hadoop Security Compliance-Ready Comprehensive Transparent • Standards-based Authentication • Centralized, Granular Authorization • Native Data Protection • End-to-End Data Audit and Lineage • Meet compliance requirements • HIPAA, PCI-DSS, … • Encryption and key management • Security at the core • Minimal performance impact • Compatible with new components • Insight with compliance 25
©2014 Cloudera, Inc. All rights reserved. Thank you! @mattbrandwein @dtish Visit our booths to learn more: 26

Recommended

Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Cloudera, Inc.
 
Deploying Enterprise-grade Security for Hadoop
Deploying Enterprise-grade Security for HadoopDeploying Enterprise-grade Security for Hadoop
Deploying Enterprise-grade Security for HadoopCloudera, Inc.
 
Securing the Hadoop Ecosystem
Securing the Hadoop EcosystemSecuring the Hadoop Ecosystem
Securing the Hadoop EcosystemDataWorks Summit
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Shravan (Sean) Pabba
 
Apache Sentry for Hadoop security
Apache Sentry for Hadoop securityApache Sentry for Hadoop security
Apache Sentry for Hadoop securitybigdatagurus_meetup
 
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010Cloudera, Inc.
 
Hadoop Security: Overview
Hadoop Security: OverviewHadoop Security: Overview
Hadoop Security: OverviewCloudera, Inc.
 
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...Cloudera, Inc.
 

Recommended

Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...
Comprehensive Security for the Enterprise III: Protecting Data at Rest and In...Cloudera, Inc.
 
Deploying Enterprise-grade Security for Hadoop
Deploying Enterprise-grade Security for HadoopDeploying Enterprise-grade Security for Hadoop
Deploying Enterprise-grade Security for HadoopCloudera, Inc.
 
Securing the Hadoop Ecosystem
Securing the Hadoop EcosystemSecuring the Hadoop Ecosystem
Securing the Hadoop EcosystemDataWorks Summit
 
Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Hadoop security @ Philly Hadoop Meetup May 2015
Hadoop security @ Philly Hadoop Meetup May 2015Shravan (Sean) Pabba
 
Apache Sentry for Hadoop security
Apache Sentry for Hadoop securityApache Sentry for Hadoop security
Apache Sentry for Hadoop securitybigdatagurus_meetup
 
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010
Hadoop Security, Cloudera - Todd Lipcon and Aaron Myers - Hadoop World 2010Cloudera, Inc.
 
Hadoop Security: Overview
Hadoop Security: OverviewHadoop Security: Overview
Hadoop Security: OverviewCloudera, Inc.
 
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...
Comprehensive Security for the Enterprise II: Guarding the Perimeter and Cont...Cloudera, Inc.
 
Hadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happyHadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happyDataWorks Summit
 
Hadoop security
Hadoop securityHadoop security
Hadoop securityShivaji Dutta
 
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Cloudera, Inc.
 
Hadoop and Data Access Security
Hadoop and Data Access SecurityHadoop and Data Access Security
Hadoop and Data Access SecurityCloudera, Inc.
 
Hadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117revHadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117revJason Shih
 
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache KnoxHadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache KnoxVinay Shukla
 
Hadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happyHadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happyAnurag Shrivastava
 
Hadoop Security Today and Tomorrow
Hadoop Security Today and TomorrowHadoop Security Today and Tomorrow
Hadoop Security Today and TomorrowDataWorks Summit
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Hadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster AccessHadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster AccessCloudera, Inc.
 
Open Source Security Tools for Big Data
Open Source Security Tools for Big DataOpen Source Security Tools for Big Data
Open Source Security Tools for Big DataRommel Garcia
 
April 2014 HUG : Apache Sentry
April 2014 HUG : Apache SentryApril 2014 HUG : Apache Sentry
April 2014 HUG : Apache SentryYahoo Developer Network
 
Article data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital businessArticle data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital businessUlf Mattsson
 
Project Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for HadoopProject Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for HadoopCloudera, Inc.
 
Hadoop Security Architecture
Hadoop Security ArchitectureHadoop Security Architecture
Hadoop Security ArchitectureOwen O'Malley
 
Hadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, FutureHadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, FutureUwe Printz
 
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...Abhiraj Butala
 
Improvements in Hadoop Security
Improvements in Hadoop SecurityImprovements in Hadoop Security
Improvements in Hadoop SecurityDataWorks Summit
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview Hortonworks
 
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Cloudera, Inc.
 
Sentry - An Introduction
Sentry - An Introduction Sentry - An Introduction
Sentry - An Introduction Alexander Alten-Lorenz
 
Securing Hadoop with Apache Ranger
Securing Hadoop with Apache RangerSecuring Hadoop with Apache Ranger
Securing Hadoop with Apache RangerDataWorks Summit
 

More Related Content

What's hot

Hadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happyHadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happyDataWorks Summit
 
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Cloudera, Inc.
 
Hadoop and Data Access Security
Hadoop and Data Access SecurityHadoop and Data Access Security
Hadoop and Data Access SecurityCloudera, Inc.
 
Hadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117revHadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117revJason Shih
 
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache KnoxHadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache KnoxVinay Shukla
 
Hadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happyHadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happyAnurag Shrivastava
 
Hadoop Security Today and Tomorrow
Hadoop Security Today and TomorrowHadoop Security Today and Tomorrow
Hadoop Security Today and TomorrowDataWorks Summit
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with HadoopCloudera, Inc.
 
Hadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster AccessHadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster AccessCloudera, Inc.
 
Open Source Security Tools for Big Data
Open Source Security Tools for Big DataOpen Source Security Tools for Big Data
Open Source Security Tools for Big DataRommel Garcia
 
Article data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital businessArticle data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital businessUlf Mattsson
 
Project Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for HadoopProject Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for HadoopCloudera, Inc.
 
Hadoop Security Architecture
Hadoop Security ArchitectureHadoop Security Architecture
Hadoop Security ArchitectureOwen O'Malley
 
Hadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, FutureHadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, FutureUwe Printz
 
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...Abhiraj Butala
 
Improvements in Hadoop Security
Improvements in Hadoop SecurityImprovements in Hadoop Security
Improvements in Hadoop SecurityDataWorks Summit
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview Hortonworks
 
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Cloudera, Inc.
 

What's hot (20)

Hadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happyHadoop Security Features That make your risk officer happy
Hadoop Security Features That make your risk officer happy
 
Hadoop security
Hadoop securityHadoop security
Hadoop security
 
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
Comprehensive Hadoop Security for the Enterprise | Part I | Compliance Ready ...
 
Hadoop and Data Access Security
Hadoop and Data Access SecurityHadoop and Data Access Security
Hadoop and Data Access Security
 
Hadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117revHadoop security overview_hit2012_1117rev
Hadoop security overview_hit2012_1117rev
 
Hadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache KnoxHadoop Security Today & Tomorrow with Apache Knox
Hadoop Security Today & Tomorrow with Apache Knox
 
Hadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happyHadoop Security Features that make your risk officer happy
Hadoop Security Features that make your risk officer happy
 
Hadoop Security Today and Tomorrow
Hadoop Security Today and TomorrowHadoop Security Today and Tomorrow
Hadoop Security Today and Tomorrow
 
Big Data Security with Hadoop
Big Data Security with HadoopBig Data Security with Hadoop
Big Data Security with Hadoop
 
Hadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster AccessHadoop Operations: How to Secure and Control Cluster Access
Hadoop Operations: How to Secure and Control Cluster Access
 
Open Source Security Tools for Big Data
Open Source Security Tools for Big DataOpen Source Security Tools for Big Data
Open Source Security Tools for Big Data
 
April 2014 HUG : Apache Sentry
April 2014 HUG : Apache SentryApril 2014 HUG : Apache Sentry
April 2014 HUG : Apache Sentry
 
Article data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital businessArticle data-centric security key to cloud and digital business
Article data-centric security key to cloud and digital business
 
Project Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for HadoopProject Rhino: Enhancing Data Protection for Hadoop
Project Rhino: Enhancing Data Protection for Hadoop
 
Hadoop Security Architecture
Hadoop Security ArchitectureHadoop Security Architecture
Hadoop Security Architecture
 
Hadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, FutureHadoop & Security - Past, Present, Future
Hadoop & Security - Past, Present, Future
 
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
Hadoop Security in Big-Data-as-a-Service Deployments - Presented at Hadoop Su...
 
Improvements in Hadoop Security
Improvements in Hadoop SecurityImprovements in Hadoop Security
Improvements in Hadoop Security
 
Hdp security overview
Hdp security overview Hdp security overview
Hdp security overview
 
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
 

Viewers also liked

Securing Hadoop with Apache Ranger
Securing Hadoop with Apache RangerSecuring Hadoop with Apache Ranger
Securing Hadoop with Apache RangerDataWorks Summit
 
Integrating hadoop - Big Data TechCon 2013
Integrating hadoop - Big Data TechCon 2013Integrating hadoop - Big Data TechCon 2013
Integrating hadoop - Big Data TechCon 2013Jonathan Seidman
 
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop Clusters
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop ClustersCloudera Federal Forum 2014: Tracking Provenance in Hadoop Clusters
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop ClustersCloudera, Inc.
 
Introduction to Hadoop - The Essentials
Introduction to Hadoop - The EssentialsIntroduction to Hadoop - The Essentials
Introduction to Hadoop - The EssentialsFadi Yousuf
 
Is Your Hadoop Environment Secure?
Is Your Hadoop Environment Secure?Is Your Hadoop Environment Secure?
Is Your Hadoop Environment Secure?Datameer
 
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?Security needs in Hadoop’s Current and Future – How Apache Ranger can help?
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?DataWorks Summit
 
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...Cloudera, Inc.
 
Geek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityGeek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityIDERA Software
 
Hadoop security landscape
Hadoop security landscapeHadoop security landscape
Hadoop security landscapeSujee Maniyam
 
Performing Network & Security Analytics with Hadoop
Performing Network & Security Analytics with HadoopPerforming Network & Security Analytics with Hadoop
Performing Network & Security Analytics with HadoopDataWorks Summit
 
Optimize Data for the Logical Data Warehouse
Optimize Data for the Logical Data WarehouseOptimize Data for the Logical Data Warehouse
Optimize Data for the Logical Data WarehouseAttunity
 
Improvements in Hadoop Security
Improvements in Hadoop SecurityImprovements in Hadoop Security
Improvements in Hadoop SecurityChris Nauroth
 
Hadoop Security Now and Future
Hadoop Security Now and FutureHadoop Security Now and Future
Hadoop Security Now and Futuretcloudcomputing-tw
 
Launching your career in Big Data
Launching your career in Big DataLaunching your career in Big Data
Launching your career in Big DataSujee Maniyam
 
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...Secure Search - Using Apache Sentry to Add Authentication and Authorization S...
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...Lucidworks
 

Viewers also liked (20)

Sentry - An Introduction
Sentry - An Introduction Sentry - An Introduction
Sentry - An Introduction
 
Securing Hadoop with Apache Ranger
Securing Hadoop with Apache RangerSecuring Hadoop with Apache Ranger
Securing Hadoop with Apache Ranger
 
Big Data Security and Governance
Big Data Security and GovernanceBig Data Security and Governance
Big Data Security and Governance
 
Hadoop Security Preview
Hadoop Security PreviewHadoop Security Preview
Hadoop Security Preview
 
Integrating hadoop - Big Data TechCon 2013
Integrating hadoop - Big Data TechCon 2013Integrating hadoop - Big Data TechCon 2013
Integrating hadoop - Big Data TechCon 2013
 
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop Clusters
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop ClustersCloudera Federal Forum 2014: Tracking Provenance in Hadoop Clusters
Cloudera Federal Forum 2014: Tracking Provenance in Hadoop Clusters
 
Introduction to Hadoop - The Essentials
Introduction to Hadoop - The EssentialsIntroduction to Hadoop - The Essentials
Introduction to Hadoop - The Essentials
 
Is Your Hadoop Environment Secure?
Is Your Hadoop Environment Secure?Is Your Hadoop Environment Secure?
Is Your Hadoop Environment Secure?
 
Big Data and Cyber Security
Big Data and Cyber SecurityBig Data and Cyber Security
Big Data and Cyber Security
 
Hadoop and Big Data Security
Hadoop and Big Data SecurityHadoop and Big Data Security
Hadoop and Big Data Security
 
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?Security needs in Hadoop’s Current and Future – How Apache Ranger can help?
Security needs in Hadoop’s Current and Future – How Apache Ranger can help?
 
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...
Limitless Data, Rapid Discovery, Powerful Insight: How to Connect Cloudera to...
 
Geek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database SecurityGeek Sync | Understanding Oracle Database Security
Geek Sync | Understanding Oracle Database Security
 
Hadoop security landscape
Hadoop security landscapeHadoop security landscape
Hadoop security landscape
 
Performing Network & Security Analytics with Hadoop
Performing Network & Security Analytics with HadoopPerforming Network & Security Analytics with Hadoop
Performing Network & Security Analytics with Hadoop
 
Optimize Data for the Logical Data Warehouse
Optimize Data for the Logical Data WarehouseOptimize Data for the Logical Data Warehouse
Optimize Data for the Logical Data Warehouse
 
Improvements in Hadoop Security
Improvements in Hadoop SecurityImprovements in Hadoop Security
Improvements in Hadoop Security
 
Hadoop Security Now and Future
Hadoop Security Now and FutureHadoop Security Now and Future
Hadoop Security Now and Future
 
Launching your career in Big Data
Launching your career in Big DataLaunching your career in Big Data
Launching your career in Big Data
 
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...Secure Search - Using Apache Sentry to Add Authentication and Authorization S...
Secure Search - Using Apache Sentry to Add Authentication and Authorization S...
 

Similar to The Future of Hadoop Security - Hadoop Summit 2014

Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoopFighting cyber fraud with hadoop
Fighting cyber fraud with hadoopNiel Dunnage
 
Cloudera GoDataFest Security and Governance
Cloudera GoDataFest Security and GovernanceCloudera GoDataFest Security and Governance
Cloudera GoDataFest Security and GovernanceGoDataDriven
 
大数据数据安全
大数据数据安全大数据数据安全
大数据数据安全Jianwei Li
 
Seeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataSeeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataCloudera, Inc.
 
Intel boubker el mouttahid
Intel boubker el mouttahidIntel boubker el mouttahid
Intel boubker el mouttahidBigDataExpo
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021lior mazor
 
The Key to Strong Cloud Security
The Key to Strong Cloud SecurityThe Key to Strong Cloud Security
The Key to Strong Cloud SecurityAkeyless
 
大数据数据治理及数据安全
大数据数据治理及数据安全大数据数据治理及数据安全
大数据数据治理及数据安全Jianwei Li
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceGerardo Pardo-Castellote
 
BigData Security - A Point of View
BigData Security - A Point of ViewBigData Security - A Point of View
BigData Security - A Point of ViewKaran Alang
 
Cloudera training secure your cloudera cluster 7.10.18
Cloudera training secure your cloudera cluster 7.10.18Cloudera training secure your cloudera cluster 7.10.18
Cloudera training secure your cloudera cluster 7.10.18Cloudera, Inc.
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...BigDataEverywhere
 
IoT-Enabled Predictive Maintenance
IoT-Enabled Predictive MaintenanceIoT-Enabled Predictive Maintenance
IoT-Enabled Predictive MaintenanceCloudera, Inc.
 
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud Realities
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud RealitiesWebinar | Aligning GDPR Requirements with Today's Hybrid Cloud Realities
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud RealitiesDataStax
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsMichael Scheidell
 
Hadoop security implementationon 20171003
Hadoop security implementationon 20171003Hadoop security implementationon 20171003
Hadoop security implementationon 20171003lee tracie
 
Security implementation on hadoop
Security implementation on hadoopSecurity implementation on hadoop
Security implementation on hadoopWei-Chiu Chuang
 
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and ComplianceWebinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and ComplianceCipherCloud
 

Similar to The Future of Hadoop Security - Hadoop Summit 2014 (20)

Fighting cyber fraud with hadoop
Fighting cyber fraud with hadoopFighting cyber fraud with hadoop
Fighting cyber fraud with hadoop
 
Cloudera GoDataFest Security and Governance
Cloudera GoDataFest Security and GovernanceCloudera GoDataFest Security and Governance
Cloudera GoDataFest Security and Governance
 
大数据数据安全
大数据数据安全大数据数据安全
大数据数据安全
 
Seeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the DataSeeking Cybersecurity--Strategies to Protect the Data
Seeking Cybersecurity--Strategies to Protect the Data
 
Intel boubker el mouttahid
Intel boubker el mouttahidIntel boubker el mouttahid
Intel boubker el mouttahid
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021
 
The Key to Strong Cloud Security
The Key to Strong Cloud SecurityThe Key to Strong Cloud Security
The Key to Strong Cloud Security
 
大数据数据治理及数据安全
大数据数据治理及数据安全大数据数据治理及数据安全
大数据数据治理及数据安全
 
Vault 1.4 launch webinar
Vault 1.4 launch webinar Vault 1.4 launch webinar
Vault 1.4 launch webinar
 
DDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS ConferenceDDS Security for the Industrial Internet - London Connext DDS Conference
DDS Security for the Industrial Internet - London Connext DDS Conference
 
BigData Security - A Point of View
BigData Security - A Point of ViewBigData Security - A Point of View
BigData Security - A Point of View
 
Cloudera training secure your cloudera cluster 7.10.18
Cloudera training secure your cloudera cluster 7.10.18Cloudera training secure your cloudera cluster 7.10.18
Cloudera training secure your cloudera cluster 7.10.18
 
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
Big Data Everywhere Chicago: The Big Data Imperative -- Discovering & Protect...
 
IoT-Enabled Predictive Maintenance
IoT-Enabled Predictive MaintenanceIoT-Enabled Predictive Maintenance
IoT-Enabled Predictive Maintenance
 
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud Realities
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud RealitiesWebinar | Aligning GDPR Requirements with Today's Hybrid Cloud Realities
Webinar | Aligning GDPR Requirements with Today's Hybrid Cloud Realities
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile Apps
 
Hadoop security implementationon 20171003
Hadoop security implementationon 20171003Hadoop security implementationon 20171003
Hadoop security implementationon 20171003
 
Security implementation on hadoop
Security implementation on hadoopSecurity implementation on hadoop
Security implementation on hadoop
 
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and ComplianceWebinar: Enable ServiceNow with Data Security, Visibility, and Compliance
Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance
 

More from Cloudera, Inc.

Partner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxPartner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxCloudera, Inc.
 
Cloudera Data Impact Awards 2021 - Finalists
Cloudera Data Impact Awards 2021 - Finalists Cloudera Data Impact Awards 2021 - Finalists
Cloudera Data Impact Awards 2021 - Finalists Cloudera, Inc.
 
2020 Cloudera Data Impact Awards Finalists
2020 Cloudera Data Impact Awards Finalists2020 Cloudera Data Impact Awards Finalists
2020 Cloudera Data Impact Awards FinalistsCloudera, Inc.
 
Edc event vienna presentation 1 oct 2019
Edc event vienna presentation 1 oct 2019Edc event vienna presentation 1 oct 2019
Edc event vienna presentation 1 oct 2019Cloudera, Inc.
 
Machine Learning with Limited Labeled Data 4/3/19
Machine Learning with Limited Labeled Data 4/3/19Machine Learning with Limited Labeled Data 4/3/19
Machine Learning with Limited Labeled Data 4/3/19Cloudera, Inc.
 
Data Driven With the Cloudera Modern Data Warehouse 3.19.19
Data Driven With the Cloudera Modern Data Warehouse 3.19.19Data Driven With the Cloudera Modern Data Warehouse 3.19.19
Data Driven With the Cloudera Modern Data Warehouse 3.19.19Cloudera, Inc.
 
Introducing Cloudera DataFlow (CDF) 2.13.19
Introducing Cloudera DataFlow (CDF) 2.13.19Introducing Cloudera DataFlow (CDF) 2.13.19
Introducing Cloudera DataFlow (CDF) 2.13.19Cloudera, Inc.
 
Introducing Cloudera Data Science Workbench for HDP 2.12.19
Introducing Cloudera Data Science Workbench for HDP 2.12.19Introducing Cloudera Data Science Workbench for HDP 2.12.19
Introducing Cloudera Data Science Workbench for HDP 2.12.19Cloudera, Inc.
 
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19Cloudera, Inc.
 
Leveraging the cloud for analytics and machine learning 1.29.19
Leveraging the cloud for analytics and machine learning 1.29.19Leveraging the cloud for analytics and machine learning 1.29.19
Leveraging the cloud for analytics and machine learning 1.29.19Cloudera, Inc.
 
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19Cloudera, Inc.
 
Leveraging the Cloud for Big Data Analytics 12.11.18
Leveraging the Cloud for Big Data Analytics 12.11.18Leveraging the Cloud for Big Data Analytics 12.11.18
Leveraging the Cloud for Big Data Analytics 12.11.18Cloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 3
Modern Data Warehouse Fundamentals Part 3Modern Data Warehouse Fundamentals Part 3
Modern Data Warehouse Fundamentals Part 3Cloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 2
Modern Data Warehouse Fundamentals Part 2Modern Data Warehouse Fundamentals Part 2
Modern Data Warehouse Fundamentals Part 2Cloudera, Inc.
 
Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1Cloudera, Inc.
 
Extending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the PlatformExtending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the PlatformCloudera, Inc.
 
Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18Cloudera, Inc.
 
Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360Cloudera, Inc.
 
Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18Cloudera, Inc.
 
Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18Cloudera, Inc.
 

More from Cloudera, Inc. (20)

Partner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptxPartner Briefing_January 25 (FINAL).pptx
Partner Briefing_January 25 (FINAL).pptx
 
Cloudera Data Impact Awards 2021 - Finalists
Cloudera Data Impact Awards 2021 - Finalists Cloudera Data Impact Awards 2021 - Finalists
Cloudera Data Impact Awards 2021 - Finalists
 
2020 Cloudera Data Impact Awards Finalists
2020 Cloudera Data Impact Awards Finalists2020 Cloudera Data Impact Awards Finalists
2020 Cloudera Data Impact Awards Finalists
 
Edc event vienna presentation 1 oct 2019
Edc event vienna presentation 1 oct 2019Edc event vienna presentation 1 oct 2019
Edc event vienna presentation 1 oct 2019
 
Machine Learning with Limited Labeled Data 4/3/19
Machine Learning with Limited Labeled Data 4/3/19Machine Learning with Limited Labeled Data 4/3/19
Machine Learning with Limited Labeled Data 4/3/19
 
Data Driven With the Cloudera Modern Data Warehouse 3.19.19
Data Driven With the Cloudera Modern Data Warehouse 3.19.19Data Driven With the Cloudera Modern Data Warehouse 3.19.19
Data Driven With the Cloudera Modern Data Warehouse 3.19.19
 
Introducing Cloudera DataFlow (CDF) 2.13.19
Introducing Cloudera DataFlow (CDF) 2.13.19Introducing Cloudera DataFlow (CDF) 2.13.19
Introducing Cloudera DataFlow (CDF) 2.13.19
 
Introducing Cloudera Data Science Workbench for HDP 2.12.19
Introducing Cloudera Data Science Workbench for HDP 2.12.19Introducing Cloudera Data Science Workbench for HDP 2.12.19
Introducing Cloudera Data Science Workbench for HDP 2.12.19
 
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
Shortening the Sales Cycle with a Modern Data Warehouse 1.30.19
 
Leveraging the cloud for analytics and machine learning 1.29.19
Leveraging the cloud for analytics and machine learning 1.29.19Leveraging the cloud for analytics and machine learning 1.29.19
Leveraging the cloud for analytics and machine learning 1.29.19
 
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
Modernizing the Legacy Data Warehouse – What, Why, and How 1.23.19
 
Leveraging the Cloud for Big Data Analytics 12.11.18
Leveraging the Cloud for Big Data Analytics 12.11.18Leveraging the Cloud for Big Data Analytics 12.11.18
Leveraging the Cloud for Big Data Analytics 12.11.18
 
Modern Data Warehouse Fundamentals Part 3
Modern Data Warehouse Fundamentals Part 3Modern Data Warehouse Fundamentals Part 3
Modern Data Warehouse Fundamentals Part 3
 
Modern Data Warehouse Fundamentals Part 2
Modern Data Warehouse Fundamentals Part 2Modern Data Warehouse Fundamentals Part 2
Modern Data Warehouse Fundamentals Part 2
 
Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1Modern Data Warehouse Fundamentals Part 1
Modern Data Warehouse Fundamentals Part 1
 
Extending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the PlatformExtending Cloudera SDX beyond the Platform
Extending Cloudera SDX beyond the Platform
 
Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18Federated Learning: ML with Privacy on the Edge 11.15.18
Federated Learning: ML with Privacy on the Edge 11.15.18
 
Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360Analyst Webinar: Doing a 180 on Customer 360
Analyst Webinar: Doing a 180 on Customer 360
 
Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18Build a modern platform for anti-money laundering 9.19.18
Build a modern platform for anti-money laundering 9.19.18
 
Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18Introducing the data science sandbox as a service 8.30.18
Introducing the data science sandbox as a service 8.30.18
 

Recently uploaded

Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 

Recently uploaded (20)

Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 

The Future of Hadoop Security - Hadoop Summit 2014

  • 1. The Future of Hadoop Security Matt Brandwein @mattbrandwein David Tishgart @dtish
  • 2. ©2014 Cloudera, Inc. All rights reserved.2
  • 3. ©2014 Cloudera, Inc. All rights reserved.3
  • 4. ©2014 Cloudera, Inc. All rights reserved.4
  • 5. Trusted Data Zone Sensitive Data, Multi-Tenant Access Hadoop “Data Lake” or Sandbox Non-Sensitive Data, Few Users RDBMS ©2014 Cloudera, Inc. All rights reserved. Hadoop is at risk of becoming another silo 5
  • 6. ✔ Meet compliance requirements ✔ Innovate without compromise ✔ Comprehensive security for all data ©2014 Cloudera, Inc. All rights reserved.6
  • 7. ©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage 7
  • 8. ©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Kerberos | AD/LDAP Today: First to market with Kerberos authentication Roadmap: Fully automated Kerberos that leverages existing active directory environment 8
  • 9. ©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Rhino | Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Today: Unified authorization for Hive, Impala, & Search through Apache Sentry Roadmap: Unified authorization across all access paths to data and metadata—Apache Sentry expansion 9
  • 10. ©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Today: First in the market with centralized audit capabilities Roadmap: Extend capabilities to cover more workloads including Spark 10
  • 11. ©2014 Cloudera, Inc. All rights reserved. • Founded: 2010 • Security: Singular product focus and a pillar of company culture. Security is at the front of everything we do • Big Data Expertise: While other security vendors retrofit their solutions for big data, Gazzang’s solutions are designed for the specific demands of Hadoop and NoSQL systems • Customer Success: Nearly 200 paying customers including several in the Fortune 1000 • Named a 2014 Cool Vendor in Big Data by Gartner About Gazzang 11
  • 12. Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved. • We can ensure sensitive data and encryption keys are never stored in plain text nor exposed publicly • We can enable compliance (HIPAA, PCI-DSS, SOX, FERPA, EU data protection) initiatives that require at-rest encryption and key management 12 “I need to meet [insert acronym here] compliance”
  • 13. ©2014 Cloudera, Inc. All rights reserved. When thinking about compliance, consider the following: • Are your encryption processes (algorithm, key length) consistent with NIST Special Publication 800-111? • Are the encryption keys stored on a separate device or location from the encrypted data? • What kind of authentication and access controls are enforced? • Is the data secured in a manner that would enable you to claim “safe harbor” in the event of a breach? • Do the crypto modules meet FIPS 140-2 certification? • Can you account for all the sensitive data that may fall under compliance scope? Not all Data Security is Created Equal 13
  • 14. Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.14 “I want security that won’t impose a harsh penalty” • We provide a transparent layer between the application and file system that dramatically reduces performance impact of encryption • We can make sure only applications that need access to plaintext data will have it
  • 15. Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.15 “I need a centralized way to manage all my hadoop security artifacts” • Navigator key trustee provides cluster-level security, managing the growing volumes of Hadoop encryption keys, certificates, passwords • We can help you bring sensitive digital artifacts under a consistent set of controls and policies
  • 16. Hadoop Security Challenges ©2014 Cloudera, Inc. All rights reserved.16 “It’s critical that no unauthorized parties can access my data” • Navigator encrypt can prevent admins and super users from accessing encrypted data • You can establish a variety of key retrieval policies that dictate who or what can access the secure artifact
  • 17. ©2014 Cloudera, Inc. All rights reserved. How does it work? Navigator encrypt provides transparent encryption for Hadoop data as it’s written to disk • AES-256 encryption for HDFS data, Hive metadata, log files, ingest paths, etc... • Process-based ACLs • High-performance optimized on Intel • Fast, easy deployment and configuration • Enterprise scalability • Keys protected by Navigator key trustee 17
  • 18. ©2014 Cloudera, Inc. All rights reserved. Navigator key trustee is a “virtual safe-deposit box” for managing encrypt keys or any other Hadoop security artifact How does it work? • Separates keys from encrypted data • Centralized management of SSL certificates, SSH keys, tokens, passwords, kerberos keytab files and more • Unique “trustee” and machine-based policies deliver multifactor authentication • Integration with HSMs from Thales, RSA and SafeNet • Multiple deployment options include on- prem or hosted SaaS offering 18
  • 19. ©2014 Cloudera, Inc. All rights reserved. Introducing the Cloudera Center for Security Excellence • Based in Austin, Texas • Comprehensive data and cluster security technologies • Hadoop security test and certification lab • Security ecosystem partner enablement • Intel chipset, cloud and virtualization security alignment `19
  • 20. ©2014 Cloudera, Inc. All rights reserved. Hadoop Security Successes 20 • Health exchange for Minnesota • Using Cloudera to log, track and run analytics on interactions between case workers and consumers • The ability to drive data privacy and HIPAA compliance on Hadoop were critical requirements and key factors in the selections of Cloudera and Gazzang • Surprised by the performance and ease of use • Wanted to get to know its customers better in an effort to improve service and sniff out fraud • Massive amount of personal and PCI data being collected, the company is encrypting everything in its Hadoop cluster • Data is segregated with Apache Sentry (incubating) and Kerberos, monitored by Cloudera Navigator and encrypted by Gazzang • Key manager and process-based ACL’s enable separation of keys and data based on “business need to know”
  • 21. ©2014 Cloudera, Inc. All rights reserved. Key Requirements for Security in Hadoop Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee Previous: Cloudera Partners Today: Transparent Encryption + Enterprise Key Management Roadmap: Transparent Encryption for HDFS (includes work-through Project Rhino) + Enterprise Key Management 21
  • 22. ©2014 Cloudera, Inc. All rights reserved. Result: Cloudera is the most secure Hadoop platform Perimeter Guarding access to the cluster itself Technical Concepts: Authentication Network isolation Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Kerberos | AD/LDAP Access Defining what users and applications can do with data Technical Concepts: Permissions Authorization Rhino | Sentry Visibility Reporting on where data came from and how it’s being used Technical Concepts: Auditing Lineage Cloudera Navigator Data Protecting data in the cluster from unauthorized visibility Technical Concepts: Encryption, Tokenization, Data masking Encrypt | Key Trustee 22
  • 23. Batch Processing Analytic MPP SQL Search Engine Machine Learning Stream Processing End-to-End, Zero-Downtime System Administration Workload & Resource Management 3rd Party Apps Distributed Filesystem Online NoSQL Database Access Control Authorization Perimeter Authentication Data Protection Encryption, Key Management Data Lifecycle BDR, Snapshots Data Visibility Audit, Lineage ANALYTIC & PROCESSING ENGINES SYSTEMS MANAGEMENT UNIFIED DATA STORAGE & INTEGRATION SECURITY & GOVERNANCE CLOUDERA ENTERPRISE 5 Comprehensive, Transparent,Compliance-ReadySecurity ©2014 Cloudera, Inc. All rights reserved.23
  • 24. Batch Processing Analytic MPP SQL Search Engine Machine Learning Stream Processing End-to-End, Zero-Downtime System Administration Workload & Resource Management 3rd Party Apps Distributed Filesystem Online NoSQL Database Access Control Authorization Perimeter Authentication Data Protection Encryption, Key Management Data Lifecycle BDR, Snapshots Data Visibility Audit, Lineage ANALYTIC & PROCESSING ENGINES SYSTEMS MANAGEMENT UNIFIED DATA STORAGE & INTEGRATION SECURITY & GOVERNANCE CLOUDERA ENTERPRISE 5 Comprehensive, Transparent,Compliance-ReadySecurity ©2014 Cloudera, Inc. All rights reserved.24
  • 25. ©2014 Cloudera, Inc. All rights reserved. Cloudera’s Vision for Hadoop Security Compliance-Ready Comprehensive Transparent • Standards-based Authentication • Centralized, Granular Authorization • Native Data Protection • End-to-End Data Audit and Lineage • Meet compliance requirements • HIPAA, PCI-DSS, … • Encryption and key management • Security at the core • Minimal performance impact • Compatible with new components • Insight with compliance 25
  • 26. ©2014 Cloudera, Inc. All rights reserved. Thank you! @mattbrandwein @dtish Visit our booths to learn more: 26