Presentation is loading. Please wait.

Presentation is loading. Please wait.

Institute for Cyber Security

Published byOswin Edwin Anthony Modified over 6 years ago

Similar presentations

Presentation on theme: "Institute for Cyber Security"— Presentation transcript:

1 Institute for Cyber Security
Multi-Layer Authorization Framework for a Representative Hadoop Ecosystem Deployment Maanak Gupta, Farhan Patwa, James Benson, and Ravi Sandhu Institute for Cyber Security and Department of Computer Science University of Texas at San Antonio 22nd ACM Symposium on Access Control Models and Technologies (SACMAT) June 21-23, 2017, Indianapolis, IN, USA © Maanak Gupta World-Leading Research with Real-World Impact!

2 World-Leading Research with Real-World Impact!
Agenda Introduction and Motivation Multi-layer Access Control Hadoop Ecosystem Authorization Architecture Access Control Mechanisms and Policy Configuration Points Conclusion © Maanak Gupta World-Leading Research with Real-World Impact!

3 Big Data and Big Challenges
IDC 2025 : global “datasphere” – 163 zettabytes 10x than 2016 Opportunities: 21st century gold for data miners Big Data require “Big Systems” Security: Secure Storage Privacy Concerns (e.g. HIPPA) Fine granular access requirements © Maanak Gupta World-Leading Research with Real-World Impact!

4 World-Leading Research with Real-World Impact!
Hadoop Ecosystem Hadoop: resilient, cost efficient distributed storage (HDFS) and processing framework (MapReduce) and YARN Ecosystem = Hadoop core + Open-Source Projects Hadoop Data Lake Security Concerns © Maanak Gupta World-Leading Research with Real-World Impact!

5 Multi-Layer Access Control
Data and Service Objects Services Cluster Resources and Applications HDFS Files, Hive Tables Kafka Topics HDFS NameNode, YARN ResourceManager Apache Hive YARN Queues, Cluster Nodes © Maanak Gupta World-Leading Research with Real-World Impact!

6 Authorization Architecture
Hadoop Ecosystem Authorization Architecture © Maanak Gupta World-Leading Research with Real-World Impact!

7 Hadoop and Data Services Access
Hadoop Daemons Access Configuration WebHDFS Access via Apache Knox © Maanak Gupta World-Leading Research with Real-World Impact!

8 World-Leading Research with Real-World Impact!
Data Objects Access Hive and HDFS Access Configurations © Maanak Gupta World-Leading Research with Real-World Impact!

9 World-Leading Research with Real-World Impact!
Data Objects Access Authorization Options and End User Impersonation © Maanak Gupta World-Leading Research with Real-World Impact!

10 World-Leading Research with Real-World Impact!
Data Objects Access Tag Based Policy Configuration © Maanak Gupta World-Leading Research with Real-World Impact!

11 World-Leading Research with Real-World Impact!
Data Objects Access Data Masking and Column Filtering © Maanak Gupta World-Leading Research with Real-World Impact!

12 Context Enricher and Policy Conditions
Geo Location Based Policies © Maanak Gupta World-Leading Research with Real-World Impact!

13 Context Enricher and Policy Conditions
Data Combination Prohibition © Maanak Gupta World-Leading Research with Real-World Impact!

14 Cluster Resource and Application Access
root root access rights default newQueue YARN Queue Access Control Configuration © Maanak Gupta World-Leading Research with Real-World Impact!

15 Cluster Resource and Application Access
Queue and Job Level Access Control Cluster Nodes Configuration © Maanak Gupta World-Leading Research with Real-World Impact!

16 Conclusion Secure Hadoop Ecosystem ‘Defense in Depth’
Data and Service Objects Hadoop And Services Cluster Resource and Application © Maanak Gupta World-Leading Research with Real-World Impact!

Download ppt "Institute for Cyber Security"

Similar presentations

Map/Reduce in Practice Hadoop, Hbase, MongoDB, Accumulo, and related Map/Reduce- enabled data stores.

Map/Reduce in Practice Hadoop, Hbase, MongoDB, Accumulo, and related Map/Reduce- enabled data stores.
A Hadoop Overview. Outline Progress Report MapReduce Programming Hadoop Cluster Overview HBase Overview Q & A.

A Hadoop Overview. Outline Progress Report MapReduce Programming Hadoop Cluster Overview HBase Overview Q & A.
University of Minnesota CG_Hadoop: Computational Geometry in MapReduce Ahmed Eldawy* Yuan Li* Mohamed F. Mokbel*$ Ravi Janardan* * Department of Computer.

University of Minnesota CG_Hadoop: Computational Geometry in MapReduce Ahmed Eldawy* Yuan Li* Mohamed F. Mokbel*$ Ravi Janardan* * Department of Computer.
Authors: Thilina Gunarathne, Tak-Lon Wu, Judy Qiu, Geoffrey Fox Publish: HPDC'10, June 20–25, 2010, Chicago, Illinois, USA. 2010 ACM Speaker: Jia Bao Lin.

Authors: Thilina Gunarathne, Tak-Lon Wu, Judy Qiu, Geoffrey Fox Publish: HPDC'10, June 20–25, 2010, Chicago, Illinois, USA ACM Speaker: Jia Bao Lin.
Hadoop tutorials. Todays agenda Hadoop Introduction and Architecture Hadoop Distributed File System MapReduce Spark 2.

Hadoop tutorials. Todays agenda Hadoop Introduction and Architecture Hadoop Distributed File System MapReduce Spark 2.
Secure Information and Resource Sharing in CloudSecure Information and Resource Sharing in Cloud References OSAC-SID Model [1]K. Harrison and G. White.

Secure Information and Resource Sharing in CloudSecure Information and Resource Sharing in Cloud References OSAC-SID Model [1]K. Harrison and G. White.
Hadoop Ecosystem Overview

Hadoop Ecosystem Overview
Presented by CH.Anusha.  Apache Hadoop framework  HDFS and MapReduce  Hadoop distributed file system  JobTracker and TaskTracker  Apache Hadoop NextGen.

Presented by CH.Anusha.  Apache Hadoop framework  HDFS and MapReduce  Hadoop distributed file system  JobTracker and TaskTracker  Apache Hadoop NextGen.
Hadoop Basics -Venkat Cherukupalli. What is Hadoop? Open Source Distributed processing Large data sets across clusters Commodity, shared-nothing servers.

Hadoop Basics -Venkat Cherukupalli. What is Hadoop? Open Source Distributed processing Large data sets across clusters Commodity, shared-nothing servers.
Introduction to Apache Hadoop Zibo Wang. Introduction  What is Apache Hadoop?  Apache Hadoop is a software framework which provides open source libraries.

Introduction to Apache Hadoop Zibo Wang. Introduction  What is Apache Hadoop?  Apache Hadoop is a software framework which provides open source libraries.
Programming in Hadoop Guangda HU Huayang GUO

Programming in Hadoop Guangda HU Huayang GUO
Distributed Process Discovery From Large Event Logs Sergio Hernández de Mesa {

Distributed Process Discovery From Large Event Logs Sergio Hernández de Mesa {
INTRODUCTION TO HADOOP. OUTLINE  What is Hadoop  The core of Hadoop  Structure of Hadoop Distributed File System  Structure of MapReduce Framework.

INTRODUCTION TO HADOOP. OUTLINE  What is Hadoop  The core of Hadoop  Structure of Hadoop Distributed File System  Structure of MapReduce Framework.
Learn. Hadoop Online training course is designed to enhance your knowledge and skills to become a successful Hadoop developer and In-depth knowledge of.

Learn. Hadoop Online training course is designed to enhance your knowledge and skills to become a successful Hadoop developer and In-depth knowledge of.
What is it and why it matters? Hadoop. What Is Hadoop? Hadoop is an open-source software framework for storing data and running applications on clusters.

What is it and why it matters? Hadoop. What Is Hadoop? Hadoop is an open-source software framework for storing data and running applications on clusters.
Microsoft Partner since 2011

Microsoft Partner since 2011
Object-to-Object Relationship Based Access Control: Model and Multi-Cloud Demonstration Tahmina Ahmed, Farhan Patwa and Ravi Sandhu Department of Computer.

Object-to-Object Relationship Based Access Control: Model and Multi-Cloud Demonstration Tahmina Ahmed, Farhan Patwa and Ravi Sandhu Department of Computer.
Leverage Big Data With Hadoop Analytics Presentation by Ravi Namboori Visit

Leverage Big Data With Hadoop Analytics Presentation by Ravi Namboori Visit
Big Data & Test Automation

Big Data & Test Automation
Protecting a Tsunami of Data in Hadoop

Protecting a Tsunami of Data in Hadoop

Similar presentations

Ads by Google