In Chapter 1, Hadoop Security Overview, we discussed the security considerations for an end-to-end Hadoop-based Big Data ecosystem. In this chapter, we will narrow our focus and take a deep dive into the security design of the Hadoop platform. Hadoop security was implemented as part of the HADOOP-4487 Jira issue, starting in late 2009 (https://issues.apache.org/jira/browse/HADOOP-4487). Currently, there are efforts to implement SSO Authentication in Hadoop. This is currently not production-ready, and hence will be out of scope of this book.

Hadoop security implementation is based on Kerberos. So in this chapter, first we will be provided with a high-level overview of key Kerberos terminologies and concepts, and ...