Identity authentication method for Hadoop cluster

A hadoop cluster and identity authentication technology, applied in user identity/authority verification, digital transmission systems, electrical components, etc., can solve problems such as weak password attacks, achieve the effect of improving security, improving security, and reducing risk points

Active Publication Date: 2017-10-17
NO 32 RES INST OF CHINA ELECTRONICS TECH GRP
View PDF7 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 2. Since system security largely depends on the complexity of user passwords, it is inevitable to be vulnerable to weak password attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Identity authentication method for Hadoop cluster
  • Identity authentication method for Hadoop cluster

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The preferred embodiments of the present invention are given below in conjunction with the accompanying drawings to describe the technical solution of the present invention in detail.

[0034] The present invention uses a third-party service called KDC (Key Distribution Center) to verify the mutual identities of entities in the cluster, and establish keys to ensure secure connections between entities. KDC consists of two parts, the authentication server AS and the authorization server TGS. Kerberos (Kerberos is a dog that guards the entrance to hell in ancient Greek mythology. It has three heads. The reason why MIT MIT named its authentication protocol Kerberos is because they plan to establish a complete system through three aspects: authentication, authorization, and auditing. Security mechanism) The authentication system includes three parties in total: the authentication server AS, which is used to verify the identity of the user and issue the ticket TGT when loggin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an identity authentication method for a Hadoop cluster. The method comprises the following steps: step one, a client sends a request to an authentication server to request for the ticket granting, the request is sent to the authentication server in a plaintext way, the request message comprises a user name, an authorization server name, a valid survival period, the first random number and a user located Kerberos field user information; step two, after receiving the request message of the client, the authentication server firstly finds a key of the user in a local database according to the user name, if the finding is successful, the authentication is continued. By adopting an authentication mode based on the PKI, the command of the user is unnecessary to save on the KDC, the risk point of the system is reduced, and the security of the Hadoop cluster identity authentication is greatly improved.

Description

technical field [0001] The invention relates to an identity authentication method, in particular to an identity authentication method for Hadoop clusters. Background technique [0002] In the early days, the initial purpose of Hadoop (Hadoop is a distributed system infrastructure developed by the Apache Foundation) cluster was to manage large amounts of public web data, so data security and privacy were not considerations in the original design. It is always designed with the assumption that a Hadoop cluster will consist of cooperating, trusted machines, and will be used by trusted users in a trusted environment. Therefore, Hadoop does not authenticate users or services, there is no data privacy, and anyone can submit code for execution. [0003] Later, as Hadoop became a more popular big data analysis platform, the Hadoop development community realized the need to add more robust security controls to Hadoop. The developers chose Kerberos as the underlying authentication m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32
CPCH04L9/3247H04L63/0428H04L63/062H04L63/0807H04L63/0853
Inventor 朱明轺李龙刘银平姚洪何杰彭癸先
Owner NO 32 RES INST OF CHINA ELECTRONICS TECH GRP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap