Apache Ranger as a Top-Level Project
February 10, 2017
Apache Software Foundation (ASF), the all-volunteer developers,
stewards, and incubators of more than 350 Open Source projects and
initiatives, announced today that Apache Ranger™ has graduated from the
Apache Incubator to become a Top-Level Project (TLP), signifying that
the project's community and products have been well-governed under the
ASF's meritocratic process and principles.
The latest addition to the ASF’s more than three dozen projects in Big
Data, Apache Ranger is a centralized framework used to define,
administer and manage security policies consistently across Apache
Hadoop components. Ranger also offers the most comprehensive security
coverage, with native support for numerous Apache projects, including
Atlas (incubating), HBase, HDFS, Hive, Kafka, Knox, NiFi, Solr, Storm,
"Graduating to a Top-Level Project reflects the maturity and growth of
the Ranger Community," said Selvamohan Neethiraj, Vice President of
Apache Ranger. "We are pleased to celebrate a great milestone and
officially play an integral role in the Apache Big Data ecosystem."
Apache Ranger provides a simple and effective way to set access control
policies and audit the data access across the entire Hadoop stack by
following industry best practices. One of the key benefits of Ranger is
that access control policies can be managed by security administrators
from a single place and consistently across hadoop ecosystem. Ranger
also enables the community to add new systems for authorization even
outside Hadoop ecosystem, with a robust plugin architecture, that can be
extended with minimal effort. In addition, Apache Ranger provides many
advanced features, such as:
•Ranger Key Management Service (compatible with Hadoop’s native KMS API
to store and manage encryption keys for HDFS Transparent Data
•Dynamic column masking and row
•Dynamic policy conditions (such as
prohibition of toxic joins);
•User context enrichers (such as
geo-location and time of day mappings); and
•Classification or tag based policies
for Hadoop ecosystem components via integration with Apache Atlas.
"As early adopters of Apache Ranger and having contributed to Apache
Ranger, we have come to rely upon Apache Ranger as a key part of our
security infrastructure for data," said Ferd Scheepers, Chief
Information Architect at ING. "We are therefore pleased to learn that
the project has now graduated to a TLP project through the efforts of
the Apache community. We believe that Apache Ranger represents the
best-in-class Open Source security framework for authorization,
encryption management, and auditing across Hadoop ecosystem. We laud the
community's efforts in building an extensible and enterprise grade
architecture for Apache Ranger, and for innovative features such as tag
or classification based security (built in conjunction with Apache
Atlas). We congratulate the Apache Ranger community on achieving this
significant milestone and are confident Apache Ranger will evolve into
the de-facto standard for security stack across the Hadoop ecosystem."
"As heavy users of Apache Ranger in production, we are pleased to see
the project become a TLP through validation across community efforts,"
said Timothy R. Connor, Big Data & Advanced Analytics Manager at Sprint.
"Apache Ranger has built a next generation ABAC model for authorization
along with a robust data-centric Open Source security framework
supporting advanced security capabilities such as dynamic row filtering
and column masking. All of these point to Apache Ranger maturing into a
robust and comprehensive security product for authorization, encryption
management and auditing through the Apache community."
"It's great to see Apache Ranger become a TLP," said Dominic Sartorio,
Senior Vice President of Products & Development at Protegrity. "Apache
Ranger's comprehensive auditing and broad authorization coverage across
the Hadoop ecosystem, along with its highly scalable and extensible
architecture and rich set of APIs, integrates very well with
Protegrity's fine grained data protection capabilities. Our continued
collaboration with the Apache Ranger community will help meet the data
security requirements of the next generation of enterprise-grade
production Hadoop deployments."
organizations entrust their enterprise data to Open Source data
platforms such as Apache Hadoop, there is a critical need to use the
most innovative techniques to safeguard this data," said Alan Gates,
Co-Founder of HortonWorks and Apache Ranger incubation mentor. "Apache
Ranger community has taken the original, proprietary code base and used
it to build a new and successful Apache project that employs an
attribute-based approach to define and enforce authorization policies.
This modern approach is a combination of subject, action, resource, and
environment and goes beyond role-based access control techniques
exclusively based on organizational roles - permissions mapping. It has
been a pleasure to be their mentor in this process and help them learn
the Apache way."
"More and more users are adopting Apache Ranger to secure data in the
Hadoop ecosystem," added Neethiraj. "We look forward to welcoming new
Ranger users to our mailing lists and community events."
Apache Ranger software is released under the Apache License v2.0 and is
overseen by a self-selected team of active contributors to the project.
A Project Management Committee (PMC) guides the Project's day-to-day
operations, including community development and product releases.