23,99 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Fachliteratur
- Sprache: Englisch
Security of Big Data is one of the biggest concerns for enterprises today. How do we protect the sensitive information in a Hadoop ecosystem? How can we integrate Hadoop security with existing enterprise security systems? What are the challenges in securing Hadoop and its ecosystem? These are the questions which need to be answered in order to ensure effective management of Big Data. Hadoop, along with Kerberos, provides security features which enable Big Data management and which keep data secure.
This book is a practitioner's guide for securing a Hadoop-based Big Data platform. This book provides you with a step-by-step approach to implementing end-to-end security along with a solid foundation of knowledge of the Hadoop and Kerberos security models.
This practical, hands-on guide looks at the security challenges involved in securing sensitive data in a Hadoop-based Big Data platform and also covers the Security Reference Architecture for securing Big Data. It will take you through the internals of the Hadoop and Kerberos security models and will provide detailed implementation steps for securing Hadoop. You will also learn how the internals of the Hadoop security model are implemented, how to integrate Enterprise Security Systems with Hadoop security, and how you can manage and control user access to a Hadoop ecosystem seamlessly. You will also get acquainted with implementing audit logging and security incident monitoring within a Big Data platform.
Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:
Seitenzahl: 136
Veröffentlichungsjahr: 2013
Ähnliche
Table of Contents
Securing Hadoop
Securing Hadoop
Copyright © 2013 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: November 2013
Production Reference: 1181113
Published by Packt Publishing
Ltd.Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78328-525-9
www.packtpub.com
Cover Image by Ravaji Babu (<[email protected]>)
Credits
Author
Sudheesh Narayanan
Reviewers
Mark Kerzner
Nitin Pawar
Acquisition Editor
Antony Lowe
Commissioning Editor
Shaon Basu
Technical Editors
Amit Ramadas
Amit Shetty
Project Coordinator
Akash Poojary
Proofreader
Ameesha Green
Indexer
Rekha Nair
Graphics
Sheetal Aute
Ronak Dhruv
Valentina D'silva
Disha Haria
Abhinash Sahu
Production Coordinator
Nilesh R. Mohite
Cover Work
Nilesh R. Mohite
About the Author
Sudheesh Narayanan is a Technology Strategist and Big Data Practitioner with expertise in technology consulting and implementing Big Data solutions. With over 15 years of IT experience in Information Management, Business Intelligence, Big Data & Analytics, and Cloud & J2EE application development, he provided his expertise in architecting, designing, and developing Big Data products, Cloud management platforms, and highly scalable platform services. His expertise in Big Data includes Hadoop and its ecosystem components, NoSQL databases (MongoDB, Cassandra, and HBase), Text Analytics (GATE and OpenNLP), Machine Learning (Mahout, Weka, and R), and Complex Event Processing.
Sudheesh is currently working with Genpact as the Assistant Vice President and Chief Architect – Big Data, with focus on driving innovation and building Intellectual Property assets, frameworks, and solutions. Prior to Genpact, he was the co-inventor and Chief Architect of the Infosys BigDataEdge product.
I would like to thank my wife, Smita and son, Aryan for their sacrifices and support during this journey, and my dad, mom, and sister for encouraging me at all times to make a difference by contributing back to the community. This book would not have been possible without their encouragement and constant support.
Special thanks to Rupak and Debika for investing their personal time over weekends to help me experiment with a few ideas on Hadoop security, and for being the bouncing board.
I would like to thank Shwetha, Sivaram, Ajay, Manpreet, and Venky for providing constant feedback and helping me make continuous improvements in my securing Hadoop journey.
Above all, I would like to acknowledge my sincere thanks to my teacher, Prof. N. C. Jain; my leaders and coach Paddy, Vishnu Bhat, Sandeep Bhagat, Jaikrishnan, Anil D'Souza, and KNM Rao for their mentoring and guidance in making me who I am today, so that I could write this book.
About the Reviewers
Mark Kerzner holds degrees in Law, Math, and Computer Science. He has been designing software for many years and Hadoop-based systems since 2008. He is the President of SHMsoft, a provider of Hadoop applications for various verticals, and a co-author of the Hadoop illuminated book/project. He has authored and co-authored books and patents.
I would like to acknowledge the help of my colleagues, in particular, Sujee Maniyam, and last but not the least, my multitalented family.
Nitin Pawar started his career as a Release Engineer and Tools Developer, then moved into different roles such as operations, solutions engineering, process engineering, and Big Data analytics. Currently, he is working as a Big Data System Architect, and trying to solve problems related to customer success management. He has mainly been working with technologies revolving around the first generation Hadoop ecosystem.
www.PacktPub.com
Support files, eBooks, discount offers and more
You might want to visit www.PacktPub.com for support files and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at <[email protected]> for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
http://PacktLib.PacktPub.com
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books.
Why Subscribe?
Free Access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access.
Preface
Today, many organizations are implementing Hadoop in production environments. As organizations embark on the Big Data implementation journey, security of Big Data is one of the major concerns. Securing sensitive data is one of the top priorities for organizations. Enterprise security teams are worried about integrating Hadoop security with enterprise systems. Securing Hadoop provides a detailed implementation and best practices for securing a Hadoop-based Big Data platform. It covers the fundamentals behind Kerberos security and Hadoop security design, and then details the approach for securing Hadoop and its ecosystem components within an enterprise context. The goal of this book is to take an end-to-end enterprise view on Big Data security by looking at the Big Data security reference architecture, and detailing how the various building blocks required by an organization can be put together to establish a secure Big Data platform.
What this book covers
Chapter 1, Hadoop Security Overview, highlights the key challenges and requirements that should be considered for securing any Hadoop-based Big Data platform. We then provide an enterprise view of Big Data security and detail the Big Data security reference architecture.
Chapter 2, Hadoop Security Design, details the internals of the Hadoop security design and explains the key concepts required for understanding and implementing Kerberos security. The focus of this chapter is to arrive at a common understanding of various terminologies and concepts required for remainder of this book.
Chapter 3, Setting Up a Secured Hadoop Cluster, provides a step-by-step guide on configuring Kerberos and establishing a secured Hadoop cluster.
Chapter 4, Securing the Hadoop Ecosystem, looks at the detailed internal interaction and communication protocols for each of the Hadoop ecosystem components along with the security gaps. We then provide a step-by-step guide to establish a secured Big Data ecosystem.
Chapter 5, Integrating Hadoop with Enterprise Security Systems, focuses on the implementation approach to integrate Hadoop security models with enterprise security systems and how to centrally manage access controls for users in a secured Hadoop platform.
Chapter 6, Securing Sensitive Data in Hadoop, provides a detailed implementation approach for securing sensitive data within a Hadoop ecosystem and what are the various data encryption techniques used in securing Big Data platforms.
Chapter 7, Security Event and Audit Logging in Hadoop, provides a deep dive into the security incident and event monitoring system that needs to be implemented in a secured Big Data platform. We then provide the best practices and approach for implementing these security procedures and policies.
Appendix, Solutions Available for Securing Hadoop, provides an overview of the various commercial and open source technologies that are available to build a secured Hadoop Big Data ecosystem. We look into details of each of these technologies and where they fit into the overall Big Data security reference architecture.
What you need for this book
To practice the examples provided in this book, you will need a working Hadoop cluster. You will also need a multinode Linux cluster (a minimum of 2 nodes of CentOS 6.2 or similar). Cloudera CDH4.1 or above is recommended. Any latest version of Apache Hadoop distribution can also be used instead of CDH4.1.You will have to download and install Kerberos 5 Release 1.11.3 from the MIT site (http://web.mit.edu/kerberos/krb5-1.11/).
Who this book is for
Securing Hadoop is ideal for Hadoop practitioners (Big Data architects, developers, and administrators) who have some working knowledge of Hadoop and wants to implement security for Hadoop. This book is also for Big Data architects who want to design and implement an end-to-end secured Big Data solution for an enterprise context. This book will also act as reference guide for the administrators who are on the implementation and configuration of Hadoop security.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the erratasubmissionform link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
Questions
You can contact us at <[email protected]> if you are having a problem with any aspect of the book, and we will do our best to address it.
Chapter 1. Hadoop Security Overview
Like any development project, the ones in Hadoop start with proof of concept (POC
