NSA Presented DBMS to Apache Incubator
The US National Security Agency has submitted its Accumulo project to the Apache Software Foundation. This is a distributed DBMS based on Google’s BigTable design using Hadoop , Zookeeper, and Thrift code. The design of BigTable was published in 2006, work on Accumulo began in 2008, and it was originally conceived as a free project using open libraries.
The main improvement of Accumulo in comparison with BigTable is an advanced system of access control at the level of individual cells (cell-level access labels). Different users can access only certain fields of the database to which the corresponding access level (labels) is assigned.
The second important improvement is the server system, which allows rewriting of key / value pairs at various stages of data processing. According to the NSA, this DBMS may find application in public services, health care and other organizations where enhanced security is required.
Now, Apache representatives will have to carefully examine 200 thousand lines of code from the NSA (mainly in Java) and several hundred pages of documentation. In the case of a positive result, after clearing the intellectual property, Accumulo will be accepted into the Apache incubator, and all project materials will be published in the public domain on the Apache website.
')
(The forums say that out of 200 thousand lines of Accumulo code, about 85 thousand are directly taken from Thrift, and another 10 thousand are from other free projects).
Documentation on Accumulo will be posted on the Apache wiki shortly, benchmarks will be published here after the ACM conference on cloud computing on October 26-28.
It should be added that the NSA Agency has long been trying to convince everyone to use protected systems and at the same time rely on Open Source. For many years now they have published in the public domain guides to securely configuring Linux servers , Windows and MacOS. At one time, they developed the Criteria for determining the security of computer systems and tried to convince vendors to be certified (the Orange Book, an analogue of ISO / IEC 15408, was ratified by many countries, including Russia). The agency also spent millions of dollars on developing SELinux (Security-Enhanced Linux), an embedded system that enforces access control, which has been included in the Linux kernel since version 2.6. Accumulo DBMS is another attempt by the NSA to create an infrastructure for developing secure applications.
The main improvement of Accumulo in comparison with BigTable is an advanced system of access control at the level of individual cells (cell-level access labels). Different users can access only certain fields of the database to which the corresponding access level (labels) is assigned.
The second important improvement is the server system, which allows rewriting of key / value pairs at various stages of data processing. According to the NSA, this DBMS may find application in public services, health care and other organizations where enhanced security is required.
Now, Apache representatives will have to carefully examine 200 thousand lines of code from the NSA (mainly in Java) and several hundred pages of documentation. In the case of a positive result, after clearing the intellectual property, Accumulo will be accepted into the Apache incubator, and all project materials will be published in the public domain on the Apache website.
')
(The forums say that out of 200 thousand lines of Accumulo code, about 85 thousand are directly taken from Thrift, and another 10 thousand are from other free projects).
Documentation on Accumulo will be posted on the Apache wiki shortly, benchmarks will be published here after the ACM conference on cloud computing on October 26-28.
It should be added that the NSA Agency has long been trying to convince everyone to use protected systems and at the same time rely on Open Source. For many years now they have published in the public domain guides to securely configuring Linux servers , Windows and MacOS. At one time, they developed the Criteria for determining the security of computer systems and tried to convince vendors to be certified (the Orange Book, an analogue of ISO / IEC 15408, was ratified by many countries, including Russia). The agency also spent millions of dollars on developing SELinux (Security-Enhanced Linux), an embedded system that enforces access control, which has been included in the Linux kernel since version 2.6. Accumulo DBMS is another attempt by the NSA to create an infrastructure for developing secure applications.
Source: https://habr.com/ru/post/127821/
All Articles