Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Zettaset to offer role-based access control for Hadoop

It plans to integrate new functions into Hadoop Orchestrator platform

One of the challenges companies often face when using Hadoop to aggregate massive volumes of structured and unstructured data is finding a way to efficiently control and manage user access to that data.

Zettaset, a Mountain View, Calif.-based vendor of tools for managing big data, on Wednesday announced a new security initiative to help companies address that issue.

Under its SHadoop initiative, Zettaset will integrate new functions into its existing Hadoop Orchestrator platform that will allow IT administrators to implement role-based access control over Hadoop environments.

The new tools will allow administrators to better define what different categories of users can and cannot do with data in a Hadoop platform -- giving administrators a way to restrict users from executing certain jobs, or from importing or exporting certain kinds of data, according to Zettaset.

SHadoop will allow administrators to establish a baseline security policy for all users with access to a Hadoop system, the company said. It will then allow them to track, log and audit all user or group activity within the Hadoop platform.

Future versions of SHadoop will enable companies to encrypt data stored in a Hadoop cluster or transmitted between Hadoop nodes, Zettaset said.

Those features all address enterprise concerns around using Hadoop, according to analysts.

The Apache Hadoop Distributed File System allows companies to store and manage petabytes of data from disparate data sources far more efficiently than relational database management systems allow. A growing number of companies have begun using the open-source technology to aggregate and analyze huge volumes of structured and unstructured data captured from websites, social media networks, emails, audio and video files, sensors and machines.

While this data aggregation has enabled new levels of social media mining, sentiment analysis and fraud detection, it also creates new access control problems. Unlike traditional database management technologies, Hadoop does not give administrators many ways to control access to data beyond Access Control Lists and Kerberos-based authentication.

"So, while you can authenticate users, how do you go about setting up fine-grained access provisions," said David Menninger, an analyst with Ventana Research. "You can segregate sensitive data into separate files, nodes or clusters, but that still doesn't give you the row-level access control that people are used to in relational databases."

As a result, security and access control continue to be the areas where enterprise satisfaction with Hadoop lags behind traditional databases, he said. In a study by Ventana Research last year, fewer than half of the respondents said they were satisfied with Hadoop encryption and security capabilities, compared to nearly 70% who said they were satisfied with the security capabilities of their non-Hadoop database technologies.

"Our Hadoop research shows the biggest gap in satisfaction between Hadoop users and other big data technologies is security," he said.

Nathaniel Rowe, an analyst with the Aberdeen Group said that the security capabilities available with many current Hadoop distributions do not always match enterprise needs.

"Hadoop is a rapidly developing platform," Rowe said. "The way it has taken the big data world by storm is absolutely incredible." But on the security front, it is not always "quite up to snuff," he said.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com .

See more by Jaikumar Vijayan on Computerworld.com .

Read more about bi and analytics in Computerworld's BI and Analytics Topic Center.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Aberdeen Group, Apache, Mountain View, Topic
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: applications, BI and Analytics, databases, security, software
Latest Blog Posts
Whitepapers
  • Miercom Report - Plug and Play Switches
    Avaya engaged Miercom to evaluate the plug and play features and ease of configuration of the ERS 4548GT- PWR Edge Switch. The energy efficiency of the ERS was compared to similar switches and is discussed in this report as well. Read on.
    Learn more »
  • Get Control: make document management an integral part of your overall IT strategy
    As a government business process manager, you are expected to do more with less. A savings opportunity that is often overlooked is your imaging and printing environment. This is because print costs are fragmented and rarely quantified in full. HP Managed Print Services (MPS) is a tried and tested approach to reducing these costs by increasing user-to-device ratios, getting the right mix of devices in the right places, and reducing tech support and help desk inquiries. Read more.
    Learn more »
  • Transforming Your Business by Transforming Your Processes
    In this white paper, we build on the “Intelligent Guide to Enterprise BPM: V olume One” in which we described the three entry points where you can begin to build true Enterprise BPM. In this white paper we explain the value of Process T ransformation, the entry point to strategy and design. Successful implementation of Process T ransformation will mean you have successfully documented, standardized, harmonized, managed—as well as analyzed and improved—your business processes. T he next two white papers will detail the other two entry points: Process Automation and Process Intelligence.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.