Enabling ABAC with Accumulo and Ranger integration

Enabling ABAC with Accumulo and Ranger integration

Tuesday, June 19
4:00 PM - 4:40 PM
Executive Ballroom 210A/E

This talk will cover the topics of attribute-based access control (ABAC), Apache Ranger, and Apache Accumulo.

Attribute-based access control (ABAC) is a relatively new standard from NIST that provides a flexible framework that replaces the complex matrix nightmare scenario of user/group/role mappings in enterprise role-based access control (RBAC) systems. ABAC provides the ability to manage and enforce authorizations for both person and non-person entities and makes policy decisions based on subject, action, resource, and environment attributes.

Ranger and Accumulo are two technologies that, when combined, allow creation of systems that support ABAC at the cell-level. Ranger provides an extensible framework for distributed policy decision and enforcement with centralized administration as well as auditing authorization decisions within the Apache Hadoop ecosystem. Accumulo's pluggable security model enables the integration of Ranger providing GUI- and REST-driven authorization management, user and group synchronization with LDAP endpoints, and a centralized authorization audit repository.

The combination of Ranger and Accumulo enables alignment with NIST ABAC standards for the Hadoop ecosystem. This talk will cover why that matters, the mechanics of Ranger's authorization model, and demonstrate an integration of the two systems.

Presentation Video


John Highcock
Systems Architect
John Highcock is a Systems Architect at Hortonworks. Prior to joining Hortonworks, he worked on big data projects at the US Department of Justice.
Marcus Waineo
Principal Solutions Engineer
Marcus has been helping Federal, State, and Local governments adopt transformative big data technologies at Hortonworks for the last 4 years. Prior to joining Hortonworks, Marcus was a Computer Scientist at the US Department of Justice where he drove the adoption of Open Source Software and big data technologies such as Apache Hadoop, Apache Accumulo, Apache Nifi and related technology to solve analytic problems for agents and analysts in support of the U.S. National Security mission.