Zettaset, Utimaco Target Hadoop, NoSQL security
Big data security specialist Zettaset is joining forces with security hardware vendor Utimaco to offer an integrated data encryption security module for use with Hadoop and NoSQL.
The partners said Zettaset’s Secure Hadoop Encryption client software, which is used to encrypt sensitive data, was combined with Utimaco’s CryptoServer hardware security module, which provides physical protection of master cryptographic keys. The integrated security module targets enterprises deploying a Hadoop cluster or a NoSQL database.
It protects encryption keys by isolating them from the client storage media, thereby securing the keys from unauthorized access and security breaches.
Zettasett CEO Jim Vogt said the security module addresses security requirements for open source databases that have already been deployed with traditional, relational databases. The big data encryption approach is also said to allow IT security administrators to use a common, standards-based framework for encryption across datacenters, regardless of the type of data store.
Utimaco, Los Gatos, Calif., said its SE-series hardware is a scalable security module that complies with Federal Information Processing Standard 140-2 used to certify cryptographic modules. It has been certified under FIPS at the Level 3+ level, the company said. The security module addresses the growing need for mass processing of cryptographic operations for database and other applications requiring medium to high physical security.
The need for physical security is growing as more sensitive data is being pulled into open-source databases. Database users must increasingly comply with stricter security policies to handle sensitive and proprietary data.
The partners noted that Hadoop, like many open source technologies such as Unix, was not created with security in mind. They also said the integration of Zettaset’s Secure Hadoop Encryption with physical key protection of master crypto keys would extend the security features to customers who have deployed Hadoop or NoSQL for big data applications.
Zettaset, Mountain View, Calif., promotes its Secure Hadoop Encryption is a Key Management Interoperability Protocol (KMIP)-compliant software that handles data-at-rest on Hadoop nodes using the Advanced Encryption Standard new instruction set along with a proprietary kernel-level encryption approach. Zettaset said its encryption is optimized for the largest Hadoop clusters and NoSQL databases.
The partners said they have completed interoperability assurance testing. Along with the KMIP standard, the integrated security module also complies with Public Key Cryptography specs, making it easier to integrate into standards-based platforms.
As Hadoop, NoSQL and other big data platforms bulge with data, security specialists like Zettaset and Utimaco are focusing on securing the growing number of distributed-computing architectures. In the database arena, physical security for encryption keys is increasingly being augmented with data encryption, access control and authentication software for Hadoop and NoSQL clusters.
The trick, the partners said, is to come up with an integrated security solution that scales while at the same time fitting into existing enterprise IT security and policy frameworks.