|#The awesome basics about Hadoop Security:|
We live in a very insecure world. Starting with the key to your home's front door to those all-important virtual keys, your passwords, everything needs to be secured—and well. In the world of Big Data where humongous amounts of data are processed, transformed, and stored, it's all the more important to secure your data.
Imagine if your company spent a couple of million dollars installing a Hadoop cluster to gather and analyze your customers' spending habits for a product category using a Big Data solution.
Because that solution was not secure, your competitor got access to that data and your sales dropped 20% for that product category.
How did the system allow unauthorized access to data?
Wasn't there any authentication mechanism in place?
Why were there no alerts? This scenario should make you think about the importance of security, especially where sensitive data is involved.
- Although Hadoop does have inherent security concerns due to its distributed architecture the situation described is extremely unlikely to occur on a Hadoop installation that's managed securely. A Hadoop installation that has clearly defined user roles and multiple levels of authentication (and encryption) for sensitive data will not let any unauthorized access go through.
- When talking about Hadoop security, you have to consider how Hadoop was conceptualized.
- When Doug Cutting and Mike Cafarella started developing Hadoop, security was not exactly the priority.
- Hadoop was meant to process large amounts of web data in the public domain, and hence security was not the focus of development. That's why it lacked a security model and only provided basic authentication for HDFS—which was not very useful, since it was extremely easy to impersonate another user.
- Another issue is that Hadoop was not designed and developed as a cohesive system with predefined modules, but was rather developed as a collage of modules that either correspond to various open source projects or a set of (proprietary) extensions developed by various vendors to supplement functionality lacking within the Hadoop ecosystem.
- Therefore, Hadoop assumes the isolation of (or a cocoon of) a trusted environment for its cluster to operate without any security violations—and that's lacking most of the time.