OWASP Hive Project

Revision as of 14:34, 23 September 2013 by Jason Johnson (Talk | contribs)

Jump to: navigation, search



What is it?

The HIVE project started out as an idea for a learning platform. Using TAHOE-lafs as a storage solution we are able to interlock anything we do into the GRID. What’s the GRID? The GRID is a group of Tahoe enabled capable computers (The BeagleBone Black) could be any computer. The idea is to share data across a GRID in a secure anonymous fashion. Using Tahoe-LAFS we can share and distribute project files lots and lots of data all gathered from the GRID. This uses “provider-independent security” that means I don’t know what your data is and neither does anyone else. Only you know what you uploaded so unless someone beats you with sticks until you hand over you unique URI. It’s all secret! URI looks something like


Currently I am using a 3 to 10 ratio that means you will need at least 3 storage nodes to retrieve files from in order to download your erasure encoded stuff.  There are two kinds of files: immutable and mutable. When you upload a file to the storage grid you can choose which kind of file it will be in the grid. Immutable files can't be modified once they have been uploaded. A mutable file can be modified by someone with read-write access to it. A user can have read-write access to a mutable file or read-only access to it, or no access to it at all. If you want more details the link will take you to a site interactive illustration by Drew Perttula http://bigasterisk.com/tahoe-playground/

Some ways I can see this being useful for OWASP is a HIVE cache that is currently what this project is becoming 10-1000 nodes strong but monitoring is controlled and nodes do what they please. The end goal is to provide a global grid for OWASP and any amount of users can use the GRID; a large, diverse ecosystem of people and organizations who want a storage grid with extremely high reliability and availability.

Example of project based use. Let’s say BOB has a tomcat server and he wants to share its contents to JOE. BOB has Tahoe up and sets up a dropfolder and this folder he sets up just happens to be his entire tomcat folder. As files change they are sent to the grid and encrypted, stored and shared out to people that JOE selected to give his folder URI to. JOE now has a working copy of BOB’s stuff and can help or just create his own environment. All the while we always use SFTP or SSL with our frontends. If a node gets hacked and stolen because JACK forgot to lock up then big deal there are X number of nodes left and the files on JACKS node are encrypted erasure style.

The milestones that I anticipate are:

Sweet user interface Find a LCD for the BeagleBone Black for IP or stats scrolling. The HIVE setup currently shows the nodes in real time. (expand more on this) Make a proposal to OWASP for a more stable introducer and private GRID.

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP_Hive (home page)
Purpose: The HIVE is a bunch of small computers in a cluster or stand alone.

hive (noun)

a. Structure for housing bees aka (WASPS), especially owasps.
b. Colony of bees/owasps living in such a structure.
2. A place swarming with activity.
v. hived, hiv·ing, hives
1. To collect into a hive.
2. To store (data) in a hive.
3. To store up; accumulate.
1. To enter and occupy a hive or network.
2. To live with many others in close association (OWASP).
Phrasal Verb
hive off (term used when gathering)
To set apart from a group: hived off the department into another division.
License: N/A
who is working on this project?
Project Leader(s):
  • Jason Johnson @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Jason Johnson @ to contribute to this project
  • Contact Jason Johnson @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases