正版保障 假一赔十 可开发票
¥ 60.23 7.7折 ¥ 78 全新
库存3件
作者(美)本·斯皮维,乔伊·爱彻利维亚
出版社东南大学出版社
ISBN9787564168711
出版时间2017-01
装帧平装
开本16开
定价78元
货号24173092
上书时间2024-10-27
Foreword
Preface
1. Introduction
Security Overview
Confidentiality
Integrity
Availability
Authentication, Authorization, and Accounting
Hadoop Security: A Brief History
Hadoop Components and Ecosystem
Apache HDFS
Apache YARN
Apache MapReduce
Apache Hive
Cloudera Impala
Apache Sentry (Incubating)
Apache HBase
Apache Accumulo
Apache Solr
Apache Oozie
Apache ZooKeeper
Apache Flume
Apache Sqoop
Cloudera Hue
Summary
Part I. Security Architecture
2. Securing Distributed Systems
Threat Categories
Unauthorized Access/Masquerade
Insider Threat
Denial of Service
Threats to Data
Threat and Risk Assessment
User Assessment
Environment Assessment
Vulnerabilities
Defense in Depth
Summary
3. System Architecture
Operating Environment
Network Security
Network Segmentation
Network Firewalls
Intrusion Detection and Prevention
Hadoop Roles and Separation Strategies
Master Nodes
Worker Nodes
Management Nodes
Edge Nodes
Operating System Security
Remote Access Controls
Host Firewalls
SELinux
Summary
4. Kerberos
Why Kerberos?
Kerberos Overview
Kerberos Workflow: A Simple Example
Kerberos Trusts
MIT Kerberos
Server Configuration
Client Configuration
Summary
Part II. Authentication, Authorization, and Accounting
5. Identity and Authentication
Identity
Mapping Kerberos Principals to Usernames
Hadoop User to Group Mapping
Provisioning of Hadoop Users
Authentication
Kerberos
Username and Password Authentication
Tokens
Impersonation
Configuration
Summary
6. Authorization
HDFS Authorization
HDFS Extended ACLs
Service-Level Authorization
MapReduce and YARN Authorization
MapReduce (MR1)
YARN (MR2)
ZooKeeper ACLs
Oozie Authorization
HBase and Accumulo Authorization
System, Namespace, and Table-Level Authorization
Column- and Cell-Level Authorization
Summary
7. Apache Sentry (Incubating)
Sentry Concepts
The Sentry Service
Sentry Service Configuration
Hive Authorization
Hive Sentry Configuration
Impala Authorization
Impala Sentry Configuration
Solr Authorization
Solr Sentry Configuration
Sentry Privilege Models
SQL Privilege Model
Solr Privilege Model
Sentry Policy Administration
SQL Commands
SQL Policy File
Solr Policy File
Policy File Verification and Validation
Migrating From Policy Files
Summary
8. Accounting
HDFS Audit Logs
MapReduce Audit Logs
YARN Audit Logs
Hive Audit Logs
Cloudera Impala Audit Logs
HBase Audit Logs
Accumulo Audit Logs
Sentry Audit Logs
Log Aggregation
Summary
Part III. Data Security
9. Data Protection
Encryption Algorithms
Encrypting Data at Rest
Encryption and Key Management
HDFS Data-at-Rest Encryption
MapReduce2 Intermediate Data Encryption
Impala Disk Spill Encryption
Full Disk Encryption
Filesystem Encryption
Important Data Security Consideration for Hadoop
Encrypting Data in Transit
Transport Layer Security
Hadoop Data-in-Transit Encryption
Data Destruction and Deletion
Summary
10. Securing Data Ingest
Integrity of Ingested Data
Data Ingest Confidentiality
Flume Encryption
Sqoop Encryption
Ingest Workflows
Enterprise Architecture
Summary
11. Data Extraction and Client Access Security.
Hadoop Command-Line Interface
Securing Applications
HBase
HBase Shell
HBase REST Gateway
HBase Thrift Gateway
Accumulo
Accumulo Shell
Accumulo Proxy Server
Oozie
Sqoop
SQL Access
Impala
Hive
WebHDFS/HttpFS
Summary
12. Cloudera Hue
Hue HTTPS
Hue Authentication
SPNEGO Backend
SAML Backend
LDAP Backend
Hue Authorization
Hue SSL Client Configurations
Summary
Part IV. Putting It All Together
13. Case Studies
Case Study: Hadoop Data Warehouse
Environment Setup
User Experience
Summary
Case Study: Interactive HBase Web Application
Design and Architecture
Security Requirements
Cluster Configuration
Implementation Notes
Summary
Afterword
Index
— 没有更多了 —
以下为对购买帮助不大的评价