Chapter 5. Integrating Hadoop with Enterprise Security Systems
In the previous chapter, we looked at how to establish Kerberos authentication for the Hadoop ecosystem components. Establishing authentication is only the first step towards providing secure access to the Hadoop ecosystem. In this chapter, we will focus on centrally managing the authentication and authorization of the various Hadoop users, and address the challenges of integrating enterprise security systems with a secured Hadoop cluster.
Once Hadoop users are centrally managed, these users need to directly access and work on the Hadoop cluster. However, Hadoop service daemons use multiple protocols to communicate with each other, which requires multiple unsecured ports to be opened between the cluster machines. This is a security concern for the organization deploying Hadoop. So, usually, Hadoop clusters are isolated in a separate network and user access is only provided through...