Episode 23 – Security in Hadoop – Authentication

Ceberus three headed dog

In this episode, we discuss this fortnight’s interesting big data news that caught our eye and then go on to discuss the basics around authentication in Hadoop for what is the first in a series of episodes that we’ll be doing over the next few months on the broad topic of security.

00:00 Recent events

40:20 Security in Hadoop – Authentication

  • What is Authentication?
  • Why is it important?
  • When should I do it?
  • Hadoop is insecure by default without strong Authentication
  • Kerberos
  • Active Directory, MIT Kerberos and FreeIPA

01:07:49 End

Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.

2 thoughts on “Episode 23 – Security in Hadoop – Authentication”

  1. Hi,

    a) Why did you named that episode “Security in Hadoop – Authorisation” when it’s about authentication 😉

    b) you mentioned some sort of Document about security and example how easy it is with a none secure Cluster to change “$user”. Where can i find it?

    Keep up the good work!

    Thanks in advance

    1. Hi Phil,

      Regarding a): Excellent question… and we really don’t have an answer for you… So we decided to correct the title. All kidding aside, a big thank you for spotting and reporting! This kind of embarrassing thing happens when you plan a series of episodes and then decide to update a blog post late at night… :s

      And regarding b) here is a nice blog post by Mikhail Samoylenko that demonstrates a number of vulnerabilities when Kerberos is not enabled:

      Bullet 2.2.1 deals specifically with he “$user” example we mentioned in the episode. This example appears in many books and lectures dealing with security on Hadoop.

      Thanks again for reporting the error!

      Best regards,


Comments are closed.