ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Balaji Ganesan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-723) Ranger-KMS – CloudHSM Integration
Date Fri, 06 Nov 2015 06:46:27 GMT

    [ https://issues.apache.org/jira/browse/RANGER-723?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14993225#comment-14993225
] 

Balaji Ganesan commented on RANGER-723:
---------------------------------------

[~varunraob] Thanks for putting this together. Is this jira applicable to only CloudHSM or
can it applied potentially for any HSM ?

> Ranger-KMS – CloudHSM Integration
> ---------------------------------
>
>                 Key: RANGER-723
>                 URL: https://issues.apache.org/jira/browse/RANGER-723
>             Project: Ranger
>          Issue Type: New Feature
>          Components: kms, Ranger
>    Affects Versions: 0.5.0
>            Reporter: Varun Rao
>            Assignee: Varun Rao
>            Priority: Minor
>         Attachments: Hadoop KMS.png, Ranger KMS - CloudHSM integration.png
>
>
> Integrate Ranger KMS with CloudHSM to manage master keys.
> Currently Ranger KMS uses the database (rangerkms.ranger_masterkey) to store the master
key. 
> This Master key is encrypted using a property "KMS_MASTER_KEY_PASSWD". 
> It would be nice if we can use CloudHSM instead of using "KMS_MASTER_KEY_PASSWD" to encrypt
the master key. 
> This will add an extra layer in the Key Hierarchy.
> Attached is the high level architecture of the current Hadoop KMS and the proposed change
to integrate with CloudHSM.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message