Big Data // Big Data Analytics
News
5/15/2014
12:45 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Hortonworks' Hadoop Security Buy

Hortonworks acquires startup XA Secure and will bring its Hadoop access, authorization, and audit policy layer into open-source.

10 Hadoop Hardware Leaders
10 Hadoop Hardware Leaders
(Click image for larger view and slideshow.)

Hortonworks announced Thursday that it has acquired XA Secure, a 15-month-old security startup that has been developing centralized security capabilities for the Apache Hadoop stack. The deal fits Hortonworks' stated mission to turn Hadoop into an enterprise-ready, mission-critical platform.

"The introduction of YARN last October has allowed Hadoop to move from batch processing to batch, interactive, SQL, and real-time workloads, but the challenge is now centralized security administration," said Tim Hall, Hortonworks' VP of product management, in a phone interview with InformationWeek. "XA Secure simplifies and coordinates enforcement of security policies across all the engines that are available within the Hadoop ecosystem."

The terms of the deal were not disclosed, but Hall said XA Secure's 10 employees have joined Hortonworks.

[Want more on Cloudera's Sentry project? Read Cloudera Brings Role-Based Security To Hadoop.]

There are multiple provisions and projects already in existence to ensure Hadoop security, including Kerberose authentication for access control to files in HDFS and DBA interfaces in Hive, to grant and revoke access to queries. Hortonworks has also integrated Hadoop Kerberose support with LDAP and Active Directory, but XA Secure has developed a centralized security layer that ensures a more comprehensive and holistic approach, according to Hall.

"XA Secure gives the security administrator a user interface in which to define security policies for authorization. They have also harmonized an approach for how the various components of Hadoop can plug into this policy layer for coordinated enforcement."

XA Secure policies address authentication, authorization, and auditing, and Hortonworks said it will coordinate with third-party tools to meet more specific security needs such as data encryption. The company also plans to extend XA Secure audit capabilities by integrating with Hortonwork's existing system auditing functionality.

XA Secure's security platform is a commercial product, but Hortonworks says it will donate the intellectual property to the Apache Foundation in hopes of getting it to incubator project status by the second half of 2014. In the interim, Hall says, Hortonworks will add XA Secure's software into its distribution as early as June, making it available to Hortonworks Data Platform Enterprise Plus subscribers.

Hortonworks rival Cloudera has promoted the Apache Sentry project (already in incubator status) for enhanced Hadoop security, but Hall characterized that system as "an interesting idea aimed at the wrong kind of persona.

"Today, to configure Sentry you have to fiddle with XML files, and that's not exactly something that security administrators want to figure out how to do. Today, Sentry is also primarily protecting Hive. They're trying to extend that, but they expect you to buy proprietary technology to do security."

Once XA Secure is available in open-source it will be accessible to all, but Hortonworks will support it only at the higher of its two subscription support levels, Enterprise and Enterprise Plus. Enterprise Plus covers the entire HDP distribution plus Accumulo, Storm, and soon, XA Secure.

NIST's cyber security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read the Protecting Critical Infrastructure issue of InformationWeek Government today.

Doug Henschen is Executive Editor of InformationWeek, where he covers the intersection of enterprise applications with information management, business intelligence, big data and analytics. He previously served as editor in chief of Intelligent Enterprise, editor in chief of ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
5/16/2014 | 9:38:07 PM
Hortonworks gets Hadoop security
To go from a Hadoop security startup to acquisition by one of the few Hadoop brain trusts in 15 months is pretty. Some would say the tech bubble must be bulging toward the breaking point. I would say Hadoop is so valuable to a coming generation of Web applications that anything that can consolidate for it has great value.
6 Tools to Protect Big Data
6 Tools to Protect Big Data
Most IT teams have their conventional databases covered in terms of security and business continuity. But as we enter the era of big data, Hadoop, and NoSQL, protection schemes need to evolve. In fact, big data could drive the next big security strategy shift.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.