Authentication: This refers to challenging a system or user to prove their identity. Only authenticated identities are allowed to gain access into the data system. Authentication in Hadoop can be of two major kinds, simple authentication and pseudo-authentication. The former is a loose kind of security where trust is placed on the user's assertion about their identity. In the latter, systems such as Kerberos are used for authenticating a user. In the industry, the latter is recommended as a best practice. Hadoop even supports seamless integration with a number of user stores such as LDAP and Active Directory. With the help of these stores, Kerberos can be implemented as an authentication mechanism.

Authorization: Authorization refers to granting authenticated users access to data resources. In a multitenant system, or a multiteam organization sharing a single data cluster, policies, compliance, and regulatory norms might...