...

  1. Alias: This will be the identifier, provided by the user, that will be used to retrieve the object.
  2. Properties: A key value map containing the properties of the object being stored.
  3. Data: The data being stored. Passed in as a byte array.

 

 

The following operations will be supported by the store:

...

Operation: Put
  REST API: POST /security/store/v1/key
  Body: Content-Type: application/json

    Put Data
    {
      "name"        :  "<name>",
      "description" :  "<description>",
      "data"        :  "<data>",  //base64
      "properties"  :  {
        "key"  :  "value"
        ...
      }
    }

  Response:
    201 : Created
    409 : Conflict

Operation: Delete
  REST API: DELETE /security/store/v1/key/<key-name>
  Body: N/A
  Response:
    200 OK
    404 Not Found

Operation: Get
  REST API: GET /security/store/v1/key/<key-name>
  Body: N/A
  Response:
    200 OK
    Content-Type: application/json

    {
      "name"  :  "<name>",
      "data"  :  "<data>"  //base64
    }

    404 Not Found

Operation: Get Metadata
  REST API: GET /security/store/v1/key/<key-name>/metadata
  Body: N/A
  Response:
    200 OK
    Content-Type: application/json

    {
      "name"        :  "<name>",
      "description" :  "<description>",
      "created"     :  <millis-epoch>, //long
      "properties"  :  {
        "key"  :  "value"
        ...
      }
    }

    404 Not Found

Operation: List
  REST API: GET /security/store/v1/keys/names
  Body: N/A
  Response:
    200 OK
    Content-Type: application/json

    [
      "<key-name>",
      "<key-name>",
      "<key-name>",
      ...
    ]

 

 

Access Control

The keystore can be protected with a key in the CDAP master keystore, which CDAP already requires the user to provide in order to have SSL enabled. Since programs will be executed in the same JVM as the SDK process, they can access the sensitive data directly through the proper Guice binding that binds the SecureStore interface to the actual implementation.

Caching

Hadoop KMS caches keys for a short period of time to avoid excessive hits to the underlying key provider. Of the operations we are interested in, only two use the cache: get data and get metadata.

Audit logs

All access to the secure store will be logged.

 

Implementation

Two implementations will be provided:

Standalone mode

An implementation using standard Java tools (JKS or JCEKS) will be provided. The key store will be stored in a file on the local filesystem. 
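
A sketch of the standalone mode described above, added here as an example and not taken from CDAP: the class name, method names and the way the password is supplied are assumptions. It uses JCEKS because the JKS type cannot store secret entries, and it signals a duplicate alias and a missing alias, the cases the REST table answers with 409 and 404.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import javax.crypto.spec.SecretKeySpec;
// Added sketch, not CDAP code: class and method names are hypothetical.
public class FileSecureStoreSketch {
  private final Path file;
  private final char[] password;
  private final KeyStore keyStore;

  public FileSecureStoreSketch(Path file, char[] password) throws Exception {
    this.file = file;
    this.password = password.clone();
    // JCEKS, not JKS: the JKS type cannot hold secret (non-private-key) entries.
    this.keyStore = KeyStore.getInstance("JCEKS");
    try (InputStream in = Files.exists(file) ? Files.newInputStream(file) : null) {
      keyStore.load(in, this.password); // a null stream creates an empty store
    }
  }

  public void put(String alias, byte[] data) throws Exception {
    if (keyStore.containsAlias(alias)) { // the REST layer would answer 409 Conflict
      throw new IllegalStateException("alias already exists: " + alias);
    }
    // "RAW" is only a label (assumption); the bytes are stored unchanged.
    KeyStore.Entry entry = new KeyStore.SecretKeyEntry(new SecretKeySpec(data, "RAW"));
    keyStore.setEntry(alias, entry, new KeyStore.PasswordProtection(password));
    try (OutputStream out = Files.newOutputStream(file)) {
      keyStore.store(out, password); // persist to the local filesystem
    }
  }

  public byte[] get(String alias) throws Exception {
    KeyStore.Entry entry = keyStore.getEntry(alias, new KeyStore.PasswordProtection(password));
    if (entry == null) { // the REST layer would answer 404 Not Found
      throw new java.util.NoSuchElementException("no such alias: " + alias);
    }
    return ((KeyStore.SecretKeyEntry) entry).getSecretKey().getEncoded();
  }

  public static void main(String[] args) throws Exception {
    Path file = Files.createTempDirectory("securestore").resolve("store.jceks");
    FileSecureStoreSketch store = new FileSecureStoreSketch(file, "constructed-password".toCharArray());
    store.put("db-password", "s3cret".getBytes(StandardCharsets.UTF_8)); // constructed sample data
    System.out.println(new String(store.get("db-password"), StandardCharsets.UTF_8));
  }
}
```

The keystore file should be readable only by the account running the SDK process, since the store password is the only other barrier to the stored data.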


The cluster has KMS running

If the cluster has KMS running, we will utilize that for securely storing sensitive information. To do that we will implement the Hadoop KeyProvider API and forward user calls to KMS.

...

Out-of-scope User Stories (4.0 and beyond)

  1. Support for 

References

Secure Store

https://hadoop.apache.org/docs/stable/hadoop-kms/index.html

https://hadoop.apache.org/docs/r2.7.2/hadoop-project-dist/hadoop-hdfs/TransparentEncryption.html

https://hadoop.apache.org/docs/r2.7.2/api/org/apache/hadoop/crypto/key/KeyProvider.html