September 2023
Intermediate to advanced
191 pages
4h 32m
English
Content preview from Learning and Operating Presto
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 7. Understanding Security in Presto
Securing a Presto cluster involves building secure communication, authenticating the parties involved, and authorizing actors. Secure communication is the process of exchanging information between two parties to prevent unauthorized access to the data. Authentication verifies that users are who they claim to be, and authorization grants access to resources based on the user’s identity.
The chapter is organized into four parts. In the first part, we’ll define the scenario we’ll implement throughout the chapter. Next, you’ll learn how to build secure communication in Presto through encryption, keystore management, and HTTPS/TLS. In the third part, we’ll focus on three types of authentication: file-based authentication, LDAP-based authentication, and Kerberos-based authentication. Finally, you’ll learn how to manage authorization in Presto through system access control and Apache Ranger.
Introducing Presto Security
In previous chapters, we assumed that our cluster of nodes was trusted and that there were no threats from the outside. This trustworthiness is because we have considered that all the nodes belonging to the cluster work together, and there is no unauthorized access to the data. In a real environment, however, this is not true. A cluster can be subject to various attacks, including unauthorized access to data, data theft, data corruption, or even service disruption. In a worst-case scenario, the cluster could become completely ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.