Rating: 0 out of 5 stars
0 ratings
Ebook238 pages2 hours
Securing Hadoop
Rating: 4 out of 5 stars
4/5
()
About this ebook
This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It’s assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.
Related to Securing Hadoop
Related ebooks
Cloudera Administration Handbook Apache Oozie Essentials Rating: 0 out of 5 stars0 ratingsPractical OneOps Rating: 0 out of 5 stars0 ratingsApache Spark 2.x Cookbook Rating: 0 out of 5 stars0 ratingsMonitoring Elasticsearch Rating: 0 out of 5 stars0 ratingsApache Hive Essentials Rating: 0 out of 5 stars0 ratingsNeo4j High Performance Rating: 0 out of 5 stars0 ratingsHadoop Cluster Deployment Rating: 0 out of 5 stars0 ratingsElasticsearch for Hadoop Rating: 0 out of 5 stars0 ratingsLearning Apache Mahout Classification Rating: 0 out of 5 stars0 ratingsApache Mahout Essentials Rating: 0 out of 5 stars0 ratingsMongoDB High Availability Rating: 5 out of 5 stars5/5Git Best Practices Guide Rating: 0 out of 5 stars0 ratingsElasticsearch Indexing Rating: 0 out of 5 stars0 ratingsMariaDB High Performance Rating: 0 out of 5 stars0 ratingsMaven Essentials Rating: 0 out of 5 stars0 ratingsMastering Apache Cassandra - Second Edition Rating: 0 out of 5 stars0 ratingsMonitoring Docker Rating: 0 out of 5 stars0 ratingsPostgreSQL Development Essentials Rating: 5 out of 5 stars5/5PostgreSQL 11 Administration Cookbook: Over 175 recipes for database administrators to manage enterprise databases Rating: 0 out of 5 stars0 ratingsImplementing Azure Solutions Rating: 0 out of 5 stars0 ratingsBig Data Forensics – Learning Hadoop Investigations Rating: 0 out of 5 stars0 ratingsMonitoring Hadoop Rating: 0 out of 5 stars0 ratingsLearning Windows Server Containers Rating: 0 out of 5 stars0 ratingsBuilding Web Applications with Python and Neo4j Rating: 0 out of 5 stars0 ratingsCassandra Design Patterns - Second Edition Rating: 0 out of 5 stars0 ratingsLearning Docker - Second Edition Rating: 0 out of 5 stars0 ratingsCentOS High Performance Rating: 0 out of 5 stars0 ratingsEffective Python Penetration Testing Rating: 0 out of 5 stars0 ratingsHadoop in Practice Rating: 0 out of 5 stars0 ratings
Enterprise Applications For You
Excel : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Excel Programming: 1 Rating: 5 out of 5 stars5/5Creating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5Systems Thinking: Managing Chaos and Complexity: A Platform for Designing Business Architecture Rating: 4 out of 5 stars4/5The Ridiculously Simple Guide to Google Docs: A Practical Guide to Cloud-Based Word Processing Rating: 0 out of 5 stars0 ratingsScrivener For Dummies Rating: 4 out of 5 stars4/5Enterprise AI For Dummies Rating: 3 out of 5 stars3/5Bitcoin For Dummies Rating: 4 out of 5 stars4/5The New Email Revolution: Save Time, Make Money, and Write Emails People Actually Want to Read! Rating: 5 out of 5 stars5/5Create Income through Self-Publishing: An Author's Approach on Generating Wealth by Self-Publishing Rating: 5 out of 5 stars5/5Excel Formulas That Automate Tasks You No Longer Have Time For Rating: 5 out of 5 stars5/5QuickBooks 2024 All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsChatGPT Ultimate User Guide - How to Make Money Online Faster and More Precise Using AI Technology Rating: 0 out of 5 stars0 ratingsExcel 2016 For Dummies Rating: 4 out of 5 stars4/5Excel 2019 For Dummies Rating: 3 out of 5 stars3/5QuickBooks 2023 All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsEssential Office 365 Third Edition: The Illustrated Guide to Using Microsoft Office Rating: 3 out of 5 stars3/550 Useful Excel Functions: Excel Essentials, #3 Rating: 5 out of 5 stars5/5Change Management for Beginners: Understanding Change Processes and Actively Shaping Them Rating: 5 out of 5 stars5/5ConfigMgr - An Administrator's Guide to Deploying Applications using PowerShell Rating: 5 out of 5 stars5/5QuickBooks 2021 For Dummies Rating: 0 out of 5 stars0 ratingsLearn SQLite in 24 Hours Rating: 0 out of 5 stars0 ratingsNotion for Beginners: Notion for Work, Play, and Productivity Rating: 4 out of 5 stars4/5Excel Formulas and Functions 2020: Excel Academy, #1 Rating: 4 out of 5 stars4/5Microsoft Outlook 2016/2019/365 User Guide Rating: 5 out of 5 stars5/5Excel : The Complete Ultimate Comprehensive Step-By-Step Guide To Learn Excel Programming Rating: 0 out of 5 stars0 ratings
Related podcast episodes
A Practical Approach to Cloud-native Patterns 0% found this document usefulReflections On Designing A Data Platform From Scratch: A monologue by Tobias Macey, the host of the show, about the design considerations involved in building a data platform and how the lessons learned from running the Data Engineering Podcast are influencing the choices made. 100% found this document useful433: Falling for FastAPI: Mike's falling in love with FastAPI and gives us a hint at the next project he's building. 0% found this document usefulThe Rust Programming Language: with Steve Klabnik and Yehuda Katz 0% found this document usefulProduction data labeling workflows: with Mark Christensen, CEO of Xelex.ai 0% found this document usefulEP 01: The Best of SpringOne 2021 (ft. Dan Vega) 0% found this document usefulTaking A Tour Of PostgreSQL with Jonathan Katz - Episode 42: A Whirlwind Tour Of The PostgreSQL Database (Interview) 100% found this document useful#21 - Domain-Driven Design and Event-Driven Architecture - Vaughn Vernon 0% found this document usefulBig breaches (and how to avoid them): with Neil Daswani 0% found this document useful
Related articles
Automatically Provision Devices With Ansible Linux FormatArticle
Automatically Provision Devices With Ansible
Nov 15, 2022
Matt Holder has worked in IT support for over a decade, and always tries to utilise Linux alongside other installed systems. C loud computing is a term that means a number of things. Software as a Service (SaaS) is one such example of what can be hos
9 min readElasticsearch And Kibana Basics Linux FormatArticle
Elasticsearch And Kibana Basics
Dec 15, 2020
1 min readAn Introduction To Rabbitmq Linux FormatArticle
An Introduction To Rabbitmq
Jun 29, 2021
RabbitMQ is a Message Broker, which means that it can safely hold messages generated by applications and make them available to other applications. The main advantages are reliability, support for clustering and high-availability queues, tracing capa
1 min readBuild A Search And Analytic Engine Linux FormatArticle
Build A Search And Analytic Engine
Mar 10, 2020
7 min readMetrics & Visuals In Go Linux FormatArticle
Metrics & Visuals In Go
Nov 17, 2020
Mihalis Tsoukalos is a DataOps engineer and a technical writer. He’s the author of Go Systems Programming and Mastering Go, 2nd edition. The subject of this tutorial is two-fold. First, it’s about creating a Go application that exports metrics to P
7 min readAre Docker Containers a Good Idea for Laptops? Maximum PCArticle
Are Docker Containers a Good Idea for Laptops?
Mar 31, 2020
Docker containers are cool. If you haven’t yet played with Docker, you’re missing a large world of easily deployed applications. For example, I can deploy NodeRed, Plex, Jupyter Lab, and Nextcloud servers, and run them behind a Traefik reverse proxy
2 min readQEMU, KVM And The Other Ones Linux FormatArticle
QEMU, KVM And The Other Ones
Feb 9, 2021
4 min readMailserver Linux FormatArticle
Mailserver
Oct 19, 2021
3 min readPassword Managers Linux FormatArticle
Password Managers
Feb 6, 2024
14 min readBuild And Compile For Embedded Systems Linux FormatArticle
Build And Compile For Embedded Systems
Nov 17, 2020
Mats Tage Axelsson and a whole pile of compiling time. Mats Tage Axelsson has spent decades figuring out reasons to use Linux computers while sacrificing real social interactions. Embedded systems are small, specialised units with a key attribute
4 min readArtificial Intelligence Rules Of The Road Linux FormatArticle
Artificial Intelligence Rules Of The Road
Nov 14, 2023
AI FOR ALL! Anyone who works with computers needs to understand that AI will undoubtedly change how work is executed. That said, I don’t think we are anywhere near the much bleated “Everyone will lose their jobs!” IT-related jobs will change but they
2 min readPassword Managers APCArticle
Password Managers
Nov 6, 2023
11 min readEnterprise Soaring Success Linux FormatArticle
Enterprise Soaring Success
Aug 27, 2019
7 min readBest Password Managers For Your Android Device Android AdvisorArticle
Best Password Managers For Your Android Device
Jul 5, 2023
7 min readBuild A Pi-powered Network Storage Device Linux FormatArticle
Build A Pi-powered Network Storage Device
Dec 14, 2021
10 min readAlso Consider… Linux FormatArticle
Also Consider…
Nov 17, 2020
There are quite a few pen-testing distros out there and we’ve already covered the ones that are actively maintained in this Roundup. A better bet instead would be to look for pen-testing tools inside security-focused distros that might also include t
1 min read“We’re Learning As We Go And Accepting Any False Starts As Being A Part Of The Process” PC Pro MagazineArticle
“We’re Learning As We Go And Accepting Any False Starts As Being A Part Of The Process”
Jul 8, 2021
6 min readBuilding A Better File Server With The Pi APCArticle
Building A Better File Server With The Pi
Dec 27, 2021
4 min read2 The Use of Python in AI and ML TechfastlyArticle
2 The Use of Python in AI and ML
Nov 30, 2020
3 min readData-driven Decision Making That Uses Data, Mind And Heart The European Business ReviewArticle
Data-driven Decision Making That Uses Data, Mind And Heart
Jan 31, 2020
14 min readExpressVPN Linux FormatArticle
ExpressVPN
Sep 19, 2023
3 min readBuilding A Better File Server With The Pi Linux FormatArticle
Building A Better File Server With The Pi
Sep 21, 2021
Running your own cloud storage server saves money, allows you to expand storage as necessary, and can be done with a device as small as a Raspberry Pi. Our previous guide to setting up a Nextcloud server on the Raspberry Pi (LXF280) covered everythin
4 min readHot Picks Linux FormatArticle
Hot Picks
Mar 9, 2021
13 min readSet Up A Production- Ready Web Server APCArticle
Set Up A Production- Ready Web Server
Nov 4, 2019
8 min readCraft A Perfect Personal Document Library iCreateArticle
Craft A Perfect Personal Document Library
Jan 26, 2023
There are countless apps available that can be used to organise your notes and also many word processors designed to help you create smart-looking documents, but Craft aims to do both in style. The idea is to include a huge number of advanced documen
1 min readTaking the Edge Off Residential Tech TodayArticle
Taking the Edge Off
Jun 28, 2019
3 min readCalicoPie Family Historian 7 ComputeractiveArticle
CalicoPie Family Historian 7
Mar 24, 2021
SOFTWARE | £60 from Family Historian Store www.snipca.com/37615 If you’ve ever researched your family tree, you’ll know it’s much harder than the BBC’s celebrity genealogy programme Who Do You Think You Are? makes it appear. You’ll certainly need to
2 min readTurn Your Raspberry Pi Into A Cloud Server Linux FormatArticle
Turn Your Raspberry Pi Into A Cloud Server
Aug 24, 2021
6 min readShare Photos With Clients Digital PhotographerArticle
Share Photos With Clients
Mar 21, 2023
2 min readIt’s A Virtual Serverworld Linux FormatArticle
It’s A Virtual Serverworld
Sep 21, 2021
9 min read
Reviews for Securing Hadoop
Rating: 4 out of 5 stars
4/5
2 ratings0 reviews
Book preview
Securing Hadoop - Sudheesh Narayanan
Table of Contents
Securing Hadoop
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. Hadoop Security Overview
Why do we need to secure Hadoop?
Challenges for securing the Hadoop ecosystem
Key security considerations
Reference architecture for Big Data security
Summary
2. Hadoop Security Design
What is Kerberos?
Key Kerberos terminologies
How Kerberos works?
Kerberos advantages
The Hadoop default security model without Kerberos
Hadoop Kerberos security implementation
User-level access controls
Service-level access controls
User and service authentication
Delegation Token
Job Token
Block Access Token
Summary
3. Setting Up a Secured Hadoop Cluster
Prerequisites
Setting up Kerberos
Installing the Key Distribution Center
Configuring the Key Distribution Center
Establishing the KDC database
Setting up the administrator principal for KDC
Starting the Kerberos daemons
Setting up the first Kerberos administrator
Adding the user or service principals
Configuring LDAP as the Kerberos database
Supporting AES-256 encryption for a Kerberos ticket
Configuring Hadoop with Kerberos authentication
Setting up the Kerberos client on all the Hadoop nodes
Setting up Hadoop service principals
Creating a keytab file for the Hadoop services
Distributing the keytab file for all the slaves
Setting up Hadoop configuration files
HDFS-related configurations
MRV1-related configurations
MRV2-related configurations
Setting up secured DataNode
Setting up the TaskController class
Configuring users for Hadoop
Automation of a secured Hadoop deployment
Summary
4. Securing the Hadoop Ecosystem
Configuring Kerberos for Hadoop ecosystem components
Securing Hive
Securing Hive using Sentry
Securing Oozie
Securing Flume
Securing Flume sources
Securing Hadoop sink
Securing a Flume channel
Securing HBase
Securing Sqoop
Securing Pig
Best practices for securing the Hadoop ecosystem components
Summary
5. Integrating Hadoop with Enterprise Security Systems
Integrating Enterprise Identity Management systems
Configuring EIM integration with Hadoop
Integrating Active-Directory-based EIM with the Hadoop ecosystem
Accessing a secured Hadoop cluster from an enterprise network
HttpFS
HUE
Knox Gateway Server
Summary
6. Securing Sensitive Data in Hadoop
Securing sensitive data in Hadoop
Approach for securing insights in Hadoop
Securing data in motion
Securing data at rest
Implementing data encryption in Hadoop
Summary
7. Security Event and Audit Logging in Hadoop
Security Incident and Event Monitoring in a Hadoop Cluster
The Security Incident and Event Monitoring (SIEM) system
Setting up audit logging in a secured Hadoop cluster
Configuring Hadoop audit logs
Summary
A. Solutions Available for Securing Hadoop
Hadoop distribution with enhanced security support
Automation of a secured Hadoop cluster deployment
Cloudera Manager
Zettaset
Different Hadoop data encryption options
Dataguise for Hadoop
Gazzang zNcrypt
eCryptfs for Hadoop
Securing the Hadoop ecosystem with Project Rhino
Mapping of security technologies with the reference architecture
Infrastructure security
OS and filesystem security
Application security
Network perimeter security
Data masking and encryption
Authentication and authorization
Audit logging, security policies, and procedures
Security Incident and Event Monitoring
Index
Securing Hadoop
Securing Hadoop
Copyright © 2013 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: November 2013
Production Reference: 1181113
Published by Packt Publishing
Ltd.Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78328-525-9
www.packtpub.com
Cover Image by Ravaji Babu (<ravaji_babu@outlook.com>)
Credits
Author
Sudheesh Narayanan
Reviewers
Mark Kerzner
Nitin Pawar
Acquisition Editor
Antony Lowe
Commissioning Editor
Shaon Basu
Technical Editors
Amit Ramadas
Amit Shetty
Project Coordinator
Akash Poojary
Proofreader
Ameesha Green
Indexer
Rekha Nair
Graphics
Sheetal Aute
Ronak Dhruv
Valentina D'silva
Disha Haria
Abhinash Sahu
Production Coordinator
Nilesh R. Mohite
Cover Work
Nilesh R. Mohite
About the Author
Sudheesh Narayanan is a Technology Strategist and Big Data Practitioner with expertise in technology consulting and implementing Big Data solutions. With over 15 years of IT experience in Information Management, Business Intelligence, Big Data & Analytics, and Cloud & J2EE application development, he provided his expertise in architecting, designing, and developing Big Data products, Cloud management platforms, and highly scalable platform services. His expertise in Big Data includes Hadoop and its ecosystem components, NoSQL databases (MongoDB, Cassandra, and HBase), Text Analytics (GATE and OpenNLP), Machine Learning (Mahout, Weka, and R), and Complex Event Processing.
Sudheesh is currently working with Genpact as the Assistant Vice President and Chief Architect – Big Data, with focus on driving innovation and building Intellectual Property assets, frameworks, and solutions. Prior to Genpact, he was the co-inventor and Chief Architect of the Infosys BigDataEdge product.
I would like to thank my wife, Smita and son, Aryan for their sacrifices and support during this journey, and my dad, mom, and sister for encouraging me at all times to make a difference by contributing back to the community. This book would not have been possible without their encouragement and constant support.
Special thanks to Rupak and Debika for investing their personal time over weekends to help me experiment with a few ideas on Hadoop security, and for being the bouncing board.
I would like to thank Shwetha, Sivaram, Ajay, Manpreet, and Venky for providing constant feedback and helping me make continuous improvements in my securing Hadoop journey.
Above all, I would like to acknowledge my sincere thanks to my teacher, Prof. N. C. Jain; my leaders and coach Paddy, Vishnu Bhat, Sandeep Bhagat, Jaikrishnan, Anil D'Souza, and KNM Rao for their mentoring and guidance in making me who I am today, so that I could write this book.
About the Reviewers
Mark Kerzner holds degrees in Law, Math, and Computer Science. He has been designing software for many years and Hadoop-based systems since 2008. He is the President of SHMsoft, a provider of Hadoop applications for various verticals, and a co-author of the Hadoop illuminated book/project. He has authored and co-authored books and patents.
I would like to acknowledge the help of my colleagues, in particular, Sujee Maniyam, and last but not the least, my multitalented family.
Nitin Pawar started his career as a Release Engineer and Tools Developer, then moved into different roles such as operations, solutions engineering, process engineering, and Big Data analytics. Currently, he is working as a Big Data System Architect, and trying to solve problems related to customer success management. He has mainly been working with technologies revolving around the first generation Hadoop ecosystem.
www.PacktPub.com
Support files, eBooks, discount offers and more
You might want to visit www.PacktPub.com for support files and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
http://PacktLib.PacktPub.com
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books.
Why
Enjoying the preview?
Page 1 of 1