As part of Hadoops encrypted file system (), the Hadoop Key Management Server (KMS) has been implemented to securely manage private keys for decryption and signing.
HadoopOffice offers the following functionality for which secure key management is a must:
Private keys for encryption (ie in context of office documents those are passwords)
Private keys for signing
At the moment, those keys are protected using the Java Keystore API and allowing to securely store private keys on HDFS (potentially in an encrypted zone),
The goal of this proposal is to additionally add support for the Hadoop KMS for a full ecosystem integration. An initial investigation will lead to a conclusion if it can also be used for managing keys in the HadoopOffice context
As part of Hadoops encrypted file system (), the Hadoop Key Management Server (KMS) has been implemented to securely manage private keys for decryption and signing.
HadoopOffice offers the following functionality for which secure key management is a must:
At the moment, those keys are protected using the Java Keystore API and allowing to securely store private keys on HDFS (potentially in an encrypted zone),
The goal of this proposal is to additionally add support for the Hadoop KMS for a full ecosystem integration. An initial investigation will lead to a conclusion if it can also be used for managing keys in the HadoopOffice context