O'Reilly logo

Hadoop Security by Joey Echeverria, Ben Spivey

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 13. Case Studies

In this chapter, we present two case studies that cover many of the security topics in the book. First, we’ll take a look at how Sentry can be used to control SQL access to data in a multitenancy environment. This will serve as a good warmup before we dive into a more detailed case study that shows a custom HBase application in action with various security features in place.

Case Study: Hadoop Data Warehouse

One of the key benefits of big data and Hadoop is the notion that many different and disparate datasets can be brought together to solve unique problems. What comes along with this are different types of users that span multiple lines of business. In this case study, we will take a look at how Sentry can be used to provide strong authorization of data in Hive and Impala in an environment consisting of multiple lines of business, multiple data owners, and different analysts.

First, let’s list the assumptions we are making for this case study:

  • The environment consists of three lines of business, which we will call lob1, lob2, and lob3

  • Each line of business has analysts and administrators

    • The analysts are defined by the groups lob1grp, lob2grp, and lob3grp

    • The administrators are defined by the groups lob1adm, lob2adm, and lob3adm

    • Administrators are also in the analysts groups

  • Each line of business needs to have its own sandbox area in HDFS to do ad hoc analysis, as well as to upload self-service data sources

  • Each line of business has ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required