A Secure and Light Weight Authentication Service in Hadoop using One Time Pad

To store and process sensitive data related to credit card, healthcare, financial, government which constitutes the big data, Hadoop environment is supplemented with HDFS i.e Hadoop Distributed File System, which is a cloud based, parallel processing, open framework. As the HDFS stores and process critical sensitive data, there is a great need for secure authentication service to authenticate and authorize the user connecting to HDFS. In 2014, Nivethitha et al has proposed first of its kind of authentication service for Hadoop using one time pad. Even though it is novel attempt, in this paper, we will illustrate that, Nivethitha et al scheme is vulnerable to offline password guessing attack and on success of it, an attacker can perform all major attacks on HDFS. As a part of our contribution, we will device a new authentication service for Hadoop framework which is light weight and resists all major attacks compared to Nivethitha et al. authentication service while maintaining the merits of their authentication service.