Managing access in distributed big data environments

OData support
Kazi Sándor Antal
Department of Telecommunications and Media Informatics

Hadoop framework stands out from other recent Big Data Systems. It is widely applicable thanks to its countless different services. The control of the availability of the system the authentication and autorization of the users is a basic requirements for an enterprise enviroment. The Kerberos protocol provides an apparent solution for this tasks, whose integration is not so self-evident and requires detailed design.

Following the general demonstration of authentication and autorization the commonly used tasks and requirements in the business atmosphere is written down, focusing on the usage of cluster infrastucture. Then a demonstration comes about the basic functions of Hadoop, the tasks of the clustering servers and the operation of the Hadoop moduls, which are essential regarding my thesis.

Chapter 3 provides a description of the Kerberos protocol, examining the internal messaging and validation during the authentication in detail. Full understandinig of these processes is important to ensure that unauthorized persons do not obtain access to the system under control.

The last chapter describes the planning and creation of the following aspects: the architecture of a test environement, ways of communication between the clustering servers, objects and permissions required to control the proper operation. In this review I focus equally on examining the necessary access and prohibiting any unauthorized permissions. Thereafter I deal with the retraction of the integration process, which depends on the steps taken to make the decision to restore it.

Finally, I present some Kerberos features that are not self-explanatory and should be kept in mind during the desing process. In addition, I examine the possibilities of extending the established test environment to an external directory registry system (LDAP).


Please sign in to download the files of this thesis.