Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Verification and Validation 1 Security over Hadoop - Map-Reduce as a Service Team Sofia Neata Sorin Dascalu Tiberiu Popa Tudor Scurtu November.

Published byDominic Glenn Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Verification and Validation 1 Security over Hadoop - Map-Reduce as a Service Team Sofia Neata Sorin Dascalu Tiberiu Popa Tudor Scurtu November."— Presentation transcript:

1 Software Verification and Validation 1 Security over Hadoop - Map-Reduce as a Service Team Sofia Neata Sorin Dascalu Tiberiu Popa Tudor Scurtu November 19, 2012

2 Software Verification and Validation 2 Map Reduce & Hadoop  Map Reduce  “a programming model and an associated implementation for processing and generating large data sets”  Large clusters of commoditiy machines  Highly scalable  Hadoop  An open-source implementation of the MapReduce framework  Top project of the Apache Foundation  Used in companies like: Yahoo, Cloudera etc

3 Software Verification and Validation 3 Hadoop Problem & Proposed Solution  Problem  No security mechanism when using Hadoop  Solution  A web-server which servers both as a layer of security in accessing Hadoop and also as an interface towards solving Map-Reduce problems.  Customers  medium to large companies that require regular distributed computation and distributed permanent storage capabilities.

4 Software Verification and Validation 4 Solution Hadoop Request Response

5 Software Verification and Validation 5 Solution Hadoop Request Response Hadoop Request Response Authentification Server Request Response

6 Software Verification and Validation 6 Functionality  Create new user and environment  The costumer contacts the system administrator  Delete users and environment  The costumer contacts the system administrator  Login  Logout  Create other users inside an existing enviroment  Delete other users inside an existing enviroment

7 Software Verification and Validation 7 Functionality(2)  Browse data from an environment  Download data from an environment  Upload data to an environment  Schedule map-reduce jobs in an environment

8 Software Verification and Validation 8 User Interface Requirements  Underlying storage access  Simple GET and POST HTTP methods  Schedule Map-Reduce jobs  HTTP methods

9 Software Verification and Validation 9 Security Requirements  Security layer using the web-server  Different access levels for costumers  Forms of security/authentification via HTTP  HTTPS – using TLS/SSL certificates  A signed certificate from a CA  Passwords can be kept in clear text  SHA hashes for password/other sensitive data  Vulnerable to man-in-the-middle attacks  NTLM  Secure challenge/response mechanism  Prevents password capture or replay attacks over HTTP

10 Software Verification and Validation 10 System Requirements  Hadoop cluster  Minimum five machines  Linux operating system  Hadoop and HTTP web-server with security capabilities  Cluster configuration based on costumer requirements  Memory  Computing performance  Storage capabilities

11 Software Verification and Validation 11 User Requirements  Large storage space  Cheap – amortized over time  Reliable – no data loss in case of software and hardware incidents  Large processing capabilities  Cheap – amortized over time  Fast – distributed  Failsafe – guarantee that the processing will complete in case of software or hardware failure  Secure access to previously enumerated items  No unauthorized access to data or to metainformation  Isolated from other clients actions

12 Software Verification and Validation 12 Specification

13 Software Verification and Validation 13 Conclusion  Authentification web-server over Hadoop  Different access level  HTTP methods  Security/authentification over Hadoop  Disadvantages  Tedious management and administration of a private cluster

Download ppt "Software Verification and Validation 1 Security over Hadoop - Map-Reduce as a Service Team Sofia Neata Sorin Dascalu Tiberiu Popa Tudor Scurtu November."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Cloud Computing: hadoop Security Design -2009

Cloud Computing: hadoop Security Design -2009
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Amazon Web Services and Eucalyptus

Amazon Web Services and Eucalyptus
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
June 22-23, 2005 Technology Infusion Team Committee1 High Performance Parallel Lucene search (for an OAI federation) K. Maly, and M. Zubair Department.

June 22-23, 2005 Technology Infusion Team Committee1 High Performance Parallel Lucene search (for an OAI federation) K. Maly, and M. Zubair Department.
Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.

Trusted Platform Modules: Building a Trusted Software Stack and Remote Attestation Dane Brandon, Hardeep Uppal CSE551 University of Washington.
GGF Toronto 19.02.02 Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.

GGF Toronto Spitfire A Relational DB Service for the Grid Peter Z. Kunszt European DataGrid Data Management CERN Database Group.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.
Wide-area cooperative storage with CFS

Wide-area cooperative storage with CFS
Operating Systems: Principles and Practice

Operating Systems: Principles and Practice
Making Apache Hadoop Secure Devaraj Das Yahoo’s Hadoop Team.

Making Apache Hadoop Secure Devaraj Das Yahoo’s Hadoop Team.
At the North of England Institute of Mining and Mechanical Engineers Library, Newcastle upon Tyne.

At the North of England Institute of Mining and Mechanical Engineers Library, Newcastle upon Tyne.
Authentication Approaches over Internet Jia Li

Authentication Approaches over Internet Jia Li
Cloud MapReduce : a MapReduce Implementation on top of a Cloud Operating System Speaker : 童耀民 MA1G0222 2013.06.11 Authors: Huan Liu, Dan Orban Accenture.

Cloud MapReduce : a MapReduce Implementation on top of a Cloud Operating System Speaker : 童耀民 MA1G Authors: Huan Liu, Dan Orban Accenture.
Committed to Deliver….  We are Leaders in Hadoop Ecosystem.  We support, maintain, monitor and provide services over Hadoop whether you run apache Hadoop,

Committed to Deliver….  We are Leaders in Hadoop Ecosystem.  We support, maintain, monitor and provide services over Hadoop whether you run apache Hadoop,
Building service testbeds on FIRE D5.2.5 Virtual Cluster on Federated Cloud Demonstration Kit August 2012 Version 1.0 Copyright © 2012 CESGA. All rights.

Building service testbeds on FIRE D5.2.5 Virtual Cluster on Federated Cloud Demonstration Kit August 2012 Version 1.0 Copyright © 2012 CESGA. All rights.
© 2005-07 NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

© NeoAccel, Inc. TWO FACTOR AUTHENTICATION Corporate Presentation.

Similar presentations

Ads by Google