Security Terms

A glossary of commonly used data security terms.

Access Management
A framework for controlling what users can and cannot access.
Access Control List (ACL)
A list of associated permissions that specifies which users or system processes are granted access to a digital environment.
Apache
The Apache Software Foundation is an American nonprofit corporation that supports open source software projects. Cloudera utilizes Apache software.
Apache Atlas
Apache Atlas is a scalable and extensible set of core functional governance services that provides open metadata management for organizations. Atlas enables enterprises to effectively and efficiently meet their compliance requirements within CDP.
Apache Hadoop
The Apache Hadoop software library is a scalable framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models.
Apache Knox
Apache Knox provides perimeter security so that the enterprise can confidently extend Hadoop access to new users while also maintaining compliance with enterprise security policies. Knox also simplifies Hadoop security for users who access the cluster data and execute jobs.
Apache Ranger
Apache Ranger is a framework to enable, monitor, and manage comprehensive data security across the platform. It is used for creating and managing policies to access data and other related objects for all services in the CDP stack.
Auditing
The process of assessing the quality of data to ensure its authenticity and integrity.
Authentication
The process of proving an individual is who they claim to be.
Authorization
The protection that allows or denies user access to certain resources through specific established rules.
Certificate
Digital certificates are small data files that digitally bind a cryptographic key to an organization's details. They are used in electronic documents to verify the identity of an individual, a server, or an organization.
Data At-Rest
Data that is not actively moving and is stored in a physical location such as a hard drive or a cloud.
Data In-Transit
Data that is actively moving from one location to another, whether across the internet or between devices.
Data Integrity
Maintaining and assuring the accuracy and validity of data.
Data Governance
The process of managing the availability, usability, integrity, and security of data based on established policies.
Data Lineage
Lineage information helps you understand the origin of your data and the transformations it may have gone through before arriving in a file or table.
Data Masking
Protect sensitive data from being viewed by unauthorized users through methods such as redacting, hashing, nullifying, or implementing a partial mask.
Data Protection
Prevent the accidental deletion of data files through various protective methods.
Encryption
A security method where information is translated from plaintext to ciphertext and can only be accessed or decrypted by a user with the correct encryption key. Encrypted data appears unreadable to anyone accessing it without permission.
Kerberos
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
Key
Within cryptography, a key is needed to encrypt and decrypt a message. Keys determine the output of the cipher algorithm.
Key Management
The management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, destruction, and replacement of keys.
Identity Management
A framework of policies that verifies user identities and ensures only authorized users have access to certain data or technology.
Lightweight Directory Access Protocol (LDAP)
Lightweight Directory Access Protocol (LDAP) is a software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate intranet.
Metadata
Data about data.
Permissions
The authorization that enables users to access specific resources such as files, applications, and devices.
Personal Identifiable Information (PII)
Personal Identifiable Information (PII) includes any information that could be used to identify an individual.
Policies
A set of guiding principles or rules established to enforce data governance which determines how data is collected, used, and accessed.
Secure by Design
Cloudera treats security as a tier-1 design requirement to manage risk, reduce attack surface and vulnerabilities, and develop design concepts and patterns in an industry-preferred way.
Transport Layer Security (TLS)
Transport Layer Security (TLS) is the most widely used security protocol for wire encryption. TLS provides authentication, privacy, and data integrity between applications communicating over a network by encrypting the packets transmitted between endpoints.