As the computer networks become more popular, the need to retrieve and process large amounts of data rapidly, in a cloud computation architecture, becomes a definite necessity. The Apache Hadoop is a framework that is open-sourced, and developed to meet the challenge of managing and processing internet resources.
When using the Hadoop library in development, one usually incorporates the Hadoop framework in the development library. This is usually done without considering whether the framework has any unknown structural flaw or inherent security issues.These security weakness are going to change into a major risk and cause significant loss later on. Therefore, whether or not the open-source code meets modern requirements for information security becomes a important issue.
This study aims to examine the Apache Hadoop framework using HP-Fortify and Yasca to identify any unsafe code within the Hadoop Common set of utilities. Any security risk is categorized by its severity. For each category, we propose suggestions to develop a process to handle the security problems and to enhance the security of the software.
