The Kerberos is an authentication protocol which creates tickets to allow communication between nodes on non-secured network. Ticket must be periodically triggered by kinit command by each user. In Kerberos we call users as principals. We can divided principals basically into several groups:

• System users – principals for communication between services in Hadoop cluster
• Common users

Read More

Default Apache Nifi installation comes without security layer which exposes the development UI. As a result, users can freely access the Nifi project development with knowledge about the hostname and binding Port. You can see two potential security risks:

• Flow controller attack : full policies to modify the processor on Flow Controller.
• API attack: external invoked requests to start/stop/delete Nifi components.

Read More