Apache Hadoop achieves security by using Kerberos.
At a high level, there are three steps that a client must take to access a service when using Kerberos. Thus, each of which involves a message exchange with a server.
* Authentication : The client authenticates itself to the authentication server. Then, receives a timestamped Ticket-Granting Ticket (TGT).
* Authorization : The client uses the TGT to request a service ticket from the Ticket Granting Server.
* Service Request : The client uses the service ticket to authenticate itself to the server.