Graphenus is designed following a Zero Trust Architecture pattern: any element interacting with the platform must be properly authenticated, and all services verify this authentication.
The security architecture is composed of the reference tools for security management.
Apache Ranger is the reference framework for securing, monitoring and centrally managing security in Hadoop environments.
FreeIPA allows you to manage the identity of users and services operating on the platform, as well as authentication via Kerberos. It also provides additional services for certificate management and DNS zone management.
Knox is a reverse proxy for accessing the websites and APIs of kerberised services through a web interface, providing a common access point for all of them.
Keycloak is an Identity Manager that allows to unify the web access to the different tools through OIDC protocol.
Keycloack also allows the implementation of SSO.
Graphenus allows the configuration and management of cross platform security policies.
Security aspects of note:
Unified management of users, roles, profiles and permissions, both through an API and through a user frontend
Security management at the highest possible level of detail.
Standardisation of the authorisation method across the entire platform.
Audit of access and operations carried out by system users.
Full scalability of authentication and identity verification services.
