Updated on 2024-11-29 GMT+08:00

KMS Basic Principles

Hadoop Key Management Server (KMS) is built on the KeyProvider API. It consists of a client and a server that communicate with each other over HTTP using REST APIs.

The client is a KeyProvider implementation that interacts with KMS through the KMS HTTP REST API. Both KMS and its client have built-in security mechanisms that support HTTP SPNEGO Kerberos authentication and HTTPS-based secure transmission.
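
As an added example (not part of the original documentation), the following Python check flags a KMS configuration that falls short of the SPNEGO Kerberos authentication and HTTPS transport described above. The two property names are standard Apache Hadoop settings; the host name, the port, and the merging of server-side and client-side properties into one document are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed samples: host and port are placeholders, and the server-side
# (kms-site.xml) and client-side (core-site.xml) properties are merged.
WEAK = """<configuration>
  <property><name>hadoop.kms.authentication.type</name><value>simple</value></property>
  <property><name>hadoop.security.key.provider.path</name>
            <value>kms://http@kms01.example.com:9600/kms</value></property>
</configuration>"""

HARDENED = WEAK.replace("simple", "kerberos").replace("kms://http@", "kms://https@")


def load_properties(xml_text):
    """Return {name: value} from a Hadoop *-site.xml document."""
    props = {}
    for prop in ET.fromstring(xml_text).iter("property"):
        name = (prop.findtext("name") or "").strip()
        if name:
            props[name] = (prop.findtext("value") or "").strip()
    return props


def audit_kms_config(xml_text):
    """List settings weaker than Kerberos (SPNEGO) authentication over HTTPS."""
    props = load_properties(xml_text)
    findings = []
    auth = props.get("hadoop.kms.authentication.type", "unset")
    if auth.lower() != "kerberos":
        findings.append(f"hadoop.kms.authentication.type is '{auth}', expected 'kerberos'")
    uri = props.get("hadoop.security.key.provider.path", "")
    # KMS provider URIs carry the transport before the '@': kms://https@host:port/kms
    parsed = urlparse(uri)
    if parsed.scheme != "kms" or (parsed.username or "").lower() != "https":
        findings.append(f"key provider path '{uri or 'unset'}' does not use kms://https@")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_kms_config(cfg) or "OK")
```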

HDFS supports end-to-end transparent encryption. After the configuration is complete, users do not need to modify any application code when storing data in HDFS. Data encryption and decryption are performed by the client. HDFS does not store or access unencrypted data or data encryption keys.