Configuring HDFS security with Kerberos
Newer releases of Hadoop (0.20.203 and above) support an optional Kerberos authentication of clients. This security support includes secure HDFS and secure MapReduce configurations.
The motivation for Hadoop security is not to defend against hackers, as all large Hadoop clusters are behind firewalls that only allow employees to access them. Its purpose is simply to allow storing sensitive data such as financial data on a shared cluster.
Prior releases of Hadoop already had file ownership and permissions in HDFS; the limitation was that they had no mechanisms for verifying user identity. With this Kerberos security support, user identities are verified by Kerberos, and only authenticated users are allowed ...