Multi-dimensional hadoop authority control method and system

An access control, multi-dimensional technology, applied in the field of big data processing, which can solve the problems of uncontrollable users forging super accounts, inflexible configuration, and inability to restrict users from accessing hadoop clusters from specified IPs.

Inactive Publication Date: 2016-12-21
BEIJING GEO POLYMERIZATION TECH
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to overcome the defects of the prior art, the technical problem to be solved in the present invention is to provide a multi-dimensional hadoop authority control method, which can realize user group configuration and limit users to only access the hadoop cluster on a fixed IP. Solve the problems that the configuration of default permissions is not flexible enough, it is impossible to control users from forging super accounts, and it is impossible to restrict users from accessing hadoop clusters from specified IPs, and realize the security authentication of hadoop permissions from multiple dimensions such as users, groups, and IPs.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-dimensional hadoop authority control method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] Such as figure 1 As shown, this multi-dimensional hadoop permission control method includes the following steps:

[0014] (1) Prepare configuration files, which include: permission configuration files (usergroupsmapping), IP whitelist files (includes) and IP blacklist files (excludes);

[0015] (2) Make the master process of hadoop identify and take effect.

[0016] The present invention enables the master process of Hadoop to identify and take effect by preparing configuration files, so that user groups can be configured, and at the same time, users are limited to access the Hadoop cluster on a fixed IP, which solves the problem that the configuration of default permissions is not flexible enough to control users Falsifying super accounts cannot restrict users from accessing hadoop clusters from specified IPs, and truly implement security authentication of hadoop permissions from multiple dimensions such as users, groups, and IPs.

[0017] In addition, the method als...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a multi-dimensional hadoop authority control method. The method can be used for realizing the configuration of user groups, restricting the users to only access to hadoop clusters on fixed IPs and solving the problem that the default authorities are low in configuration flexibility, cannot control the counterfeit, carried out by the users, of super accounts and cannot restrict the users to access to the hadoop clusters from appointed IPs, so that the security certification of hadoop authorities is realized from multiple dimensions such as user, group and IP. The method comprises the following steps of: (1) preparing a configuration file, wherein the configuration file comprises an authority configuration file, an IP whitelist file and an IP blacklist file; and (2) recognizing and enforcing a master process of hadoop. The invention furthermore provides a multi-dimensional hadoop authority control system.

Description

technical field [0001] The invention relates to the technical field of big data processing, in particular to a multi-dimensional hadoop authority control method and a multi-dimensional hadoop authority control system. Background technique [0002] The patent "A Big Data Platform Supporting Multi-Tenants and Tenant Access Method" (CN201510538231.2) provides a hadoop permission control method. Hadoop permissions are based on the POSIX model by default, and support read and write execution control permissions for users, user groups, and other users. The corresponding groups of users are obtained through the local linux system of the master node, and the acquisition command is groups$user. [0003] However, this method is not flexible enough and has the following disadvantages: configuration permissions need to modify the local user group information of the master node; it is impossible to control users from forging super accounts to access Hadoop clusters; it is impossible to r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62
CPCG06F21/6218G06F2221/2107
Inventor 何良均张翼温宗臣冯森林
Owner BEIJING GEO POLYMERIZATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap