Security

If you would like to understand Ozone’s security architecture at a greater depth, please take a look at Ozone security architecture.

Depending on your needs, there are multiple optional steps in securing ozone.

Transparent Data Encryption

TDE allows data on the disks to be encrypted-at-rest and automatically decrypted during access.

Explains different modes of securing data nodes. These range from kerberos to auto approval.

Ozone supports S3 protocol, and uses AWS Signature Version 4 protocol which allows a seamless S3 experience.

Native Ozone Authorizer provides Access Control List (ACL) support for Ozone without Ranger integration.