×
图文详情
  • ISBN:9787564168711
  • 装帧:暂无
  • 册数:暂无
  • 重量:暂无
  • 开本:24cm
  • 页数:320
  • 出版时间:2017-01-01
  • 条形码:9787564168711 ; 978-7-5641-6871-1

本书特色

随着越来越多的公司转向用Hadoop来存储和处理 他们*有价值的数据,系统被破坏的潜在风险也正以 指数级趋势增长。本·斯皮维、乔伊·爱彻利维亚* 的《Hadoop安全(影印版)(英文版)》这本实践图 书不仅向Hadoop管理员和安全架构师们展示了如何保 护Hadoop数据,防止未授权访问,也介绍了如何限制 攻击者在安全入侵过程中损坏和篡改数据的能力。
作者本·斯皮维与乔伊·爱彻利维亚提供了关于 Hadoop安全特性的深入信息,并将它们根据通常的计 算机安全概念重新组织整理。你还能获得演示如何将 这些概念应用到你自己的用例中的真实案例。

内容简介

Hadoop原本来自于谷歌一款名为MapReduce的编程模型包。谷歌的MapReduce框架可以把一个应用程序分解为许多并行计算指令,跨大量的计算节点运行非常巨大的数据集。使用该框架的一个典型例子就是在网络数据上运行的搜索算法。Hadoop*初只与网页索引有关,迅速发展成为分析大数据的领先平台。目前有很多公司开始提供基于Hadoop的商业软件、支持、服务以及培训。本书讲述Hadoop相关安全技术。

目录

Foreword Preface 1. IntroductionSecurity OverviewConfidentialityIntegrityAvailabilityAuthentication, Authorization, and AccountingHadoop Security: A Brief HistoryHadoop Components and EcosystemApache HDFSApache YARNApache MapReduceApache HiveCloudera ImpalaApache Sentry (Incubating)Apache HBaseApache AccumuloApache SolrApache OozieApache ZooKeeperApache FlumeApache SqoopCloudera HueSummaryPart I. Security Architecture 2. Securing Distributed SystemsThreat CategoriesUnauthorized Access/MasqueradeInsider ThreatDenial of ServiceThreats to DataThreat and Risk AssessmentUser AssessmentEnvironment AssessmentVulnerabilitiesDefense in DepthSummary 3. System ArchitectureOperating EnvironmentNetwork SecurityNetwork SegmentationNetwork FirewallsIntrusion Detection and PreventionHadoop Roles and Separation StrategiesMaster NodesWorker NodesManagement NodesEdge NodesOperating System SecurityRemote Access ControlsHost FirewallsSELinuxSummary 4. KerberosWhy Kerberos?Kerberos OverviewKerberos Workflow: A Simple ExampleKerberos TrustsMIT KerberosServer ConfigurationClient ConfigurationSummaryPart II. Authentication, Authorization, and Accounting 5. Identity and AuthenticationIdentityMapping Kerberos Principals to UsernamesHadoop User to Group MappingProvisioning of Hadoop UsersAuthenticationKerberosUsername and Password AuthenticationTokensImpersonationConfigurationSummary 6. AuthorizationHDFS AuthorizationHDFS Extended ACLsService-Level AuthorizationMapReduce and YARN AuthorizationMapReduce (MR1)YARN (MR2)ZooKeeper ACLsOozie AuthorizationHBase and Accumulo AuthorizationSystem, Namespace, and Table-Level AuthorizationColumn- and Cell-Level AuthorizationSummary 7. Apache Sentry (Incubating)Sentry ConceptsThe Sentry ServiceSentry Service ConfigurationHive AuthorizationHive Sentry ConfigurationImpala AuthorizationImpala Sentry ConfigurationSolr AuthorizationSolr Sentry ConfigurationSentry Privilege ModelsSQL Privilege ModelSolr Privilege ModelSentry Policy AdministrationSQL CommandsSQL Policy FileSolr Policy FilePolicy File Verification and ValidationMigrating From Policy FilesSummary 8. AccountingHDFS Audit LogsMapReduce Audit LogsYARN Audit LogsHive Audit LogsCloudera Impala Audit LogsHBase Audit LogsAccumulo Audit LogsSentry Audit LogsLog AggregationSummaryPart III. Data Security 9. Data ProtectionEncryption AlgorithmsEncrypting Data at RestEncryption and Key ManagementHDFS Data-at-Rest EncryptionMapReduce2 Intermediate Data EncryptionImpala Disk Spill EncryptionFull Disk EncryptionFilesystem EncryptionImportant Data Security Consideration for HadoopEncrypting Data in TransitTransport Layer SecurityHadoop Data-in-Transit EncryptionData Destruction and DeletionSummary 10. Securing Data IngestIntegrity of Ingested DataData Ingest ConfidentialityFlume EncryptionSqoop EncryptionIngest WorkflowsEnterprise ArchitectureSummary 11. Data Extraction and Client Access Security.Hadoop Command-Line InterfaceSecuring ApplicationsHBaseHBase ShellHBase REST GatewayHBase Thrift GatewayAccumuloAccumulo ShellAccumulo Proxy ServerOozieSqoopSQL AccessImpalaHiveWebHDFS/HttpFSSummary 12. Cloudera HueHue HTTPSHue AuthenticationSPNEGO BackendSAML BackendLDAP BackendHue AuthorizationHue SSL Client ConfigurationsSummaryPart IV. Putting It All Together 13. Case StudiesCase Study: Hadoop Data WarehouseEnvironment SetupUser ExperienceSummaryCase Study: Interactive HBase Web ApplicationDesign and ArchitectureSecurity RequirementsCluster ConfigurationImplementation NotesSummary Afterword Index
展开全部

预估到手价 ×

预估到手价是按参与促销活动、以最优惠的购买方案计算出的价格(不含优惠券部分),仅供参考,未必等同于实际到手价。

确定
快速
导航