Title: A token authentication solution for hadoop based on kerberos pre-authentication
Abstract: As broad adoption of Apache Hadoop [20] accelerates authentication and authorization capabilities are a major concern for data access security. To integrate pluggable authentication providers, enhance desirable single sign on for end users, and enforce centralized access control on the platform, Hadoop community has widely discussed and concluded that token based authentication is the appropriate approach [18]. In this paper we discuss an innovation solution about how to implement the token authentication based on the Kerberos pre-authentication framework [4]. We propose a pre-authentication mechanism for Kerberos [1] that allows users to authenticate to Key Distribution Center (KDC) using a standard token, and develop a plugin for MIT Kerberos that can be deployed separately to employ the new mechanism. Based on that, we develop our token authentication solution for the entire Hadoop stack that helps integrate identity management systems and OAuth 2.0 [6] authorization solutions, meanwhile avoiding complication, risk and deployment overhead.
Publication Year: 2014
Publication Date: 2014-10-01
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 19
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot