With Early Release ebooks, you get books in their earliest form—the author's raw and unedited content as he or she writes—so you can take advantage of these technologies long before the official release of these titles. You'll also receive updates when significant changes are made, new chapters as they're written, and the final ebook bundle.
As more corporations turn to Hadoop to store and process their most valuable data, the risks with a potential breach of those systems increases exponentially. This practical book not only shows security architects how to protect Hadoop data from unauthorized access, but also how to limit the ability of an attacker to corrupt or modify data in the event of a security breach.
Security is typically the longest phase of any Hadoop project. In this book, Cloudera professionals Ben Spivey and Joey Echeverria provide a thorough treatment of Hadoop security architecture and implementation to help architects navigate the common challenges of this phase. Example case studies demonstrate how the book’s material is immediately applicable to your use cases.
Understand the challenges of securing distributed systems, particularly Hadoop
Use best practices for preparing Hadoop cluster hardware from a security standpoint
Get an overview of the Kerberos network authentication protocol
Delve into authorization and accounting principles as they apply to Hadoop
Use mechanisms to protect data in a Hadoop cluster, both in transit and at rest
Integrate Hadoop data ingest into enterprise-wide security architecture
Ensure that security architecture reaches all the way to end-user access
Chapter 2Securing Distributed Systems
Chapter 3System Architecture
Chapter 5Identity and Authentication
Chapter 7Apache Sentry
Chapter 9Data Protection
Chapter 10Securing Data Ingest
Chapter 11Data Extraction and Client Access Security
Ben is currently a Solutions Architect at Cloudera. During his time with Cloudera, he has worked in a consulting capacity to assist customers with their Hadoop deployments. Ben has worked with many Fortune 500 companies across multiple industries, including financial services, retail, and health care. His primary expertise is the planning, installation, configuration, and securing of customers' Hadoop clusters.
In addition to consulting responsibilities, Ben contributes a vast amount of technical writing on customer document deliverables, to include Hadoop best practices, security integration, and cluster administration.
Prior to Cloudera, Ben worked for the National Security Agency and with a defense contractor as a software engineer. During this time, Ben built applications that, among other things, integrated with enterprise security infrastructure to protect sensitive information.
Ben holds a Bachelor’s degree in Computer Science and a Master’s degree in Information Technology, with a focus on Information Assurance. Ben’s final Master’s project was focused on designing an enterprise IT infrastructure with a defense-in-depth approach.
Joey Echeverria is a Software Engineer at ScalingData where he builds the next generation of IT Operations Analytics on the Apache Hadoop platform. Joey is also a committer on the Kite SDK, an Apache-licensed data API for the Hadoop ecosystem. Joey was previously a Software Engineer at Cloudera where he contributed to a number of ASF projects including Apache Flume, Apache Sqoop, Apache Hadoop, and Apache HBase.
While at Cloudera, Joey also served as the Director of Federal FieldTechnical Services, overseeing the public sector Professional Servicesand Systems Engineering teams. Joey started at Cloudera as a SolutionsArchitect, where he helped customers to design, develop, and deployproduction Hadoop applications and clusters. When needed, he has also filled in for Cloudera’s support and training teams and has taughtCloudera’s administrator and Apache HBase courses.
Joey’s background is in building and deploying secure data processing applications, with the last 7 years focused on Hadoop-based applications. In the past, he has worked on resource constrained data processing, a clustered implementation of the Snort intrusiondetection system, and he built a distributed index system on Hadoopwhen he worked for NSA.
I was working on Hadoop Kerberos pass through authentication when I discover this book. This is exactly what I needed: comprehensive and complete information about Kerberos and Hadoop security including detailed configurations. Before this book, I googled a lot and discover different pieces information scatter around apache, cloudera and hortonworks sites, but it does not give you a complete picture as to how these pieces fit together. This book bring this together. Very helpful.
One important part not covered is how to implement pass through security programmingly. Of course there are only very small audience for this topic as it is advanced topic. But it will help to complete the story.
Bottom Line Yes, I would recommend this to a friend