Centralized security administration in a Hadoop environment has four aspects:
Authentication
Effected by Kerberos in native Apache Hadoop, and secured by the Apache Knox Gateway via the HTTP/REST API. (For further information, see the Apache Knox Gateway Manager Guide.)
Authorization
Fine-grained access control provides flexibility in defining policies...
on the folder and file level, via HDFS
on the database, table and column level, via Hive
on the table, column family and column level, via HBase
Audit
Controls access into the system via extensive user access auditing in HDFS, Hive and HBase at...
IP address
Resource/resource type
Timestamp
Access granted or denied
Data Protection
Provided by wire encryption, volume encryption and (via HDFS TDE and Hortonworks partners) file/column encryption
Ranger Security Administration