NSA open sources Google database mimic
Crypto masters incubate Son of BigTable
Customer Success Testimonial: Recovery is Everything
The US National Security Agency is open sourcing a distributed "NoSQL" database based on Google's proprietary BigTable platform.
Known as Accumulo, the platform has been in development at the NSA for over three years, and it's built atop Hadoop, the open source distributed file system and distributed number-crunching platform that mimics Google's internal infrastructure.
Unlike existing BigTable mimics such as HBase, Accumolo has "fine-grained" access controls and a new server-side programming mechanism that can modify data that's written to disk, or returned to the user. Using the cell-level access labels, you can provide external servers with access to some cells in the Accumolo data store but not others.
The NSA believes this may be of interest to government and health care operations and other outfits concerned with privacy. It acknowledges, however, that the access labels do not constitute a "complete security solution".
As noticed by H Online, the NSA has officially proposed Accumulo as an incubator project at Apache. Though the agency has little experience with public open source work, it says that the project has been "treated internally" as an open source project since its inception in 2008.
"We intend to strongly encourage the community to help with and contribute to the code. We will actively seek potential committers and help them become familiar with the codebase," the agency says. "We do not anticipate difficulty in operating under Apache's development process."
It does acknowledges, however, that the project overlaps with HBase.
"Accumulo and HBase are both based on the design of Google's BigTable, so there is a danger that potential users will have difficulty distinguishing the two or that they will not see an incentive in adopting Accumulo. There are a few key areas in which Accumulo differs from HBase. Some of the desired features of Accumulo could be incorporated into HBase, however the most important of these may be unlikely to be adopted," the agency continues, referring to both the cell-level access labels and the server-side programming mechanism.
"It is a possibility that the codebases will ultimately converge, but the number of differences at the current time warrants a separate project for Accumulo."
Google does not open source the software platforms underpinning its internal infrastructure. But in 2004, it published papers describing its GFS distributed file system and its MapReduce distributed number crunching platform, and these gave rise to the independent Hadoop, which resides at Apache. Google's BigTable paper followed in 2006, and this served as the basis for HBase as well as Acumulo.
According to the NSA, its project now spans over 200,000 lines of (mostly Java) code and hundreds of pages of documentation. It's built atop not only the core Hadoop platforms, but Apache Zookeeper (a means of managing distributed services) and Thift (a framework for developing services across multiple languages).
At this point, there is no indication that the database platform is part of a top secret NSA mission to plant a trojan horse on the machines of innocent open source mavens across the globe. But we'll keep you updated. ®
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
COMMENTS
Too late
Might work. I think a "complete security solution" regarding personal privacy would have entailed apprenticing Eric Schmidt to a Plumber or Carpenter many years ago. Seems a bit late for that.
----
Not too late to give the man a gimp mask and apprentice him to Mistress Keepa Hitten. She'll learn him.
Mines the one with the .... sod it, just let me out.
BigTable, without the piles of money.
'The NSA believes this may be of interest to government and health care operations and other outfits concerned with privacy. It acknowledges, however, that the access labels do not constitute a "complete security solution".'
Might work. I think a "complete security solution" regarding personal privacy would have entailed apprenticing Eric Schmidt to a Plumber or Carpenter many years ago. Seems a bit late for that.
Huh?
"Though the agency has little experience with public open source work..."
Do you mean with applications or just in general?
Because Flask aka SELinux, which is a mainstay security enhancement on most distributions of Linux and BSD used in Enterprise (RHEL is the best example, I believe Ubuntu has it, and all of the major versions of BSD also have it), was developed and implemented at NSA/CSS* with cooperation from the University of Utah. Utah provided a research version of the GNU/Linux OS called Fluke and NSA/CSS provided the enhancement.
So when it comes to pure applications, no NSA/CSS really hasn't done much public open source work. Im sure there are classified programs that are open-sourced inside the Agency but if its classified, does it really make the code open source?
-----------------------------------------------------------------------------------------
*NSA's proper name is NSA/CSS, it means National Security Agency/Central Security Service. The CSS isn't as well known, its mostly a fusion agency for COMINT and MASINT collected by the various Military Intelligence Agencies, like US Army Intelligence and Security Command, the US Naval Security Group, Coast Guard Intelligence, US Marine Corps Intelligence, and the US Air Force Intelligence, Surveillance, and Reconnaissance Agency.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
