Graphenus is designed following a Zero Trust Architecture pattern: any element interacting with the platform must be properly authenticated, and all services verify this authentication.
The security architecture is composed of the reference tools for security management.
Apache Ranger is the framework of reference for securing, monitoring and managing centrally the security of environments Hadoop.
FreeIPA allows manage the identity of users and services operating on the platform, as well as authentication via Kerberos. It also has additional services for the management of certificates and DNS zones.
Knox is a reverse proxy for access to the websites and APIs of kerberised services through a web interfaceThe new system will provide a common access point for all of them.
Keycloak is an Identity Manager that allows you to unify web access to the different tools through the OIDC protocol.Keycloack also allows the OHS implementation.
Graphenus allows the configuration and management of cross platform security policies.
Security aspects of note:
- Unified management of users, roles, profiles and permissions, both through an API and through a user front end.
- Security management by maximum level of detail possible.
- Standardisation of the authorisation method along the entire length of the platform.
- Audit of access and operations carried out by users of the system.
- Full scalability of authentication and identity verification services.
