Episode 26 - Security 2: Authorisation and audit

In this episode, we continue our coverage on Hadoop security. Where episode 24 dealt with the subject of authentication, we now delve deeper in the why and how of authorization and audit, and cover the major players in the arena.

Podcast: Play in new window | Download (Duration: 1:10:32 — 40.6MB)

Subscribe: Apple Podcasts | Spotify | RSS | More

00:00 Recent events

Dave
- Beyond Privacy and Security in a Connected World
  - http://www.svds.com/beyond-privacy-security-connected-world/
- The broken promise of open-source Big Data software – and what might fix it
  - http://siliconangle.com/blog/2016/09/27/the-broken-promise-of-open-source-big-data-software-and-what-might-fix-it-2/
- Meet Apache Spot, a new open source project for cybersecurity
  - http://www.csoonline.com/article/3124497/big-data/meet-apache-spot-a-new-open-source-project-for-cybersecurity.html
- SMEs advised to capitalise on ‘big data’
  - http://www.farminglife.com/news/farming-news/smes-advised-to-capitalise-on-big-data-1-7606523
Jhon
- What is hardcore data science—in practice?
  - https://www.oreilly.com/ideas/what-is-hardcore-data-science-in-practice
- Hortonworks, IBM Collaborate to Offer Open Source Distribution on Power Systems
  - http://www.prnewswire.com/news-releases/hortonworks-ibm-collaborate-to-offer-open-source-distribution-on-power-systems-300330299.html
  - https://www-03.ibm.com/press/us/en/pressrelease/50553.wss
- Inside ‘The Next Rembrandt’: How JWT Got a Computer to Paint Like the Old Master The project leaders explain their brilliant, troubling masterpiece
  - http://www.adweek.com/news/advertising-branding/inside-next-rembrandt-how-jwt-got-computer-paint-old-master-172257
  - https://www.nextrembrandt.com/
- Strata+Hadoop World New York
- Cloudera Kudu 1.0.0 released
  - http://community.cloudera.com/t5/Community-News-Release/ANNOUNCE-Apache-Kudu-1-0-0-released/m-p/45332

Audience Questions from Sampath @ Baltimore:
- http://www.infoignite.com/sentiment.html
- Azure HDInsight 3.5:
  - https://azure.microsoft.com/en-gb/blog/new-security-performance-and-isv-solutions-build-on-azure-hdinsight-s-leadership-to-make-hadoop-enterprise-ready-for-the-cloud/
  - Azure Search:
    - https://azure.microsoft.com/en-us/services/search/

42:15 Security 2: Authorisation and audit

The principles of auth reflected by the underlying organisation of your data
Sync with AD/LDAP groups, don’t go user specific wherever possible.
Use whatever tools are in your platform:
- Cloudera – Sentry
  - https://sentry.apache.org/
- Hortonwork – Ranger
  - http://ranger.apache.org/
- MapR – ???
  - https://www.mapr.com/hadoop-security-and-big-data-governance-mapr

01:10:32 End

Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.