Apache: Big Data 2016 has ended
Register Now or Visit the Website for more Information 

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Security [clear filter]
Tuesday, May 10

9:00am PDT

Enforcing Fine Grained Role Based Authorization in Multi-tenant Streaming Data Platforms - Ashish Singh, Cloudera
Reliable, high-rate ingestion of data from a large variety of sources is the first step toward answering big analytical questions, and Apache Kafka, a scalable publish-subscribe messaging system, is a popular choice for this goal. With the increasing adoption of Kafka, security has become more important than ever. In this talk, Ashish Singh will review recent advancements made in Kafka towards closing security gaps, and discuss how addition of pluggable authorization in Kafka has enabled Apache Sentry (incubating) to provide an enterprise-grade, fine-grained, role-based authorization in Kafka. The talk will conclude with a demonstration of a working example of how administrators can rely on Sentry for enforcing fine-grained authorization in multi-tenant Kafka platforms.

avatar for Ashish Singh

Ashish Singh

Software Engineer, Cloudera
Ashish Singh is a Software Engineer, working with Cloudera to empower the Hadoop ecosystem to answer bigger questions. Ashish studied Computer Science and Engineering at Ohio State University. Before working in the Big Data space, he worked on optimizing MPI collective communications... Read More →

Tuesday May 10, 2016 9:00am - 9:50am PDT
Regency E

3:00pm PDT

Enabling Universal Authorization Models Using Sentry - Hao Hao & Anne Yu, Cloudera
Sentry is an framework to provide fine-grained access control on data stored on a Hadoop cluster. Sentry has been leveraged to manage authorization policies to Hive, Solr, Impala, and Kafka. A new generic authorization model has been implemented in Sentry to allow enabling protections on various types of data existing in Hadoop engines easily. It is critical to instrument different authorization security models meeting diverse security requirements. The architecture of the new generic model is designed to plug-in various authorization model such as role based access control and attribute based access control easily using the same storage service. In this talk, Anne and Hao will present the architecture of the generic model in Sentry framework which satisfies all those targets. And they will also elaborate how to create policies to protect data for different Hadoop engines.


Hao Hao

Hao Hao is a software engineer at Cloudera. She is working on Sentry project, a granular, role-based authorization module for Hadoop cluster. She is also a committer of Apache Sentry (incubating) project. Hao has performed extensive research on smartphone security, web security while... Read More →
avatar for Anne Yu

Anne Yu

Software Engineer, Cloudera
I am a software engineer working as Cloudera. I am also a PMC and committer of Apache Sentry. I am interested in big data and its security technologies. I am also very interested in Technology driven education system, such as AltSchool.

Tuesday May 10, 2016 3:00pm - 3:50pm PDT
Regency E