Montreal is the largest city in Quebec and the second most populous city in Canada, after Toronto and before Vancouver.
The city of Montreal has set up a Hortonworks Hadoop cluster.
Hadoop framework was developed without any security system in place. This framework has no user authentication mode, no partitioning of private data, and anyone is allowed to execute code.
In this context, two tools, part of the Hadoop ecosystem, have been introduced, Apache Atlas and Apache Ranger to secure the access to the Hadoop cluster.
The security audit consisted of implementing those tools and validating security access rules and different user access levels as it was defined by the platform managers.
Three access levels have been set up and validated:
- Authentication (Kerberos – Apache Atlas)
- Permissions and ACLs (Atlas and Ranger)
- Encryption using SSL and SSAL protocols (Atlas and Ranger)