Support Questions

Find answers, ask questions, and share your expertise

How is security achieved in Hadoop?

In Hadoop how is security achieved?



In HDP and HDF you have option to Kerberized all components + integrate with Active Directory or other directory managers like (freeIPA or openldap) for authorization.

Authentication and auditing part goes to apache Ranger.

If required encruption Ranger KMS and Apache Knox for perimiter security.

Apache Hadoop achieves security by using Kerberos.

At a high level, there are three steps that a client must take to access a service when using Kerberos. Thus, each of which involves a message exchange with a server.

  • Authentication – The client authenticates itself to the authentication server. Then, receives a timestamped Ticket-Granting Ticket (TGT).
  • Authorization – The client uses the TGT to request a service ticket from the Ticket Granting Server.
  • Service Request – The client uses the service ticket to authenticate itself to the server.