Hive2 server supports only LDAP and Kerberos for authentication, but also custom authentication modules. We need to support SSL/TLS certificate based authentication and implement a custom authentication module for hive2.
Hive2 supports column-level access control, and i believe this involves storing Hive users in a new table in the metastore along with the access control rules (in other tables). We would need to cache the users/roles/privileges in memory to reduce load on NDB. We could invalidate the cache using ePipe to identify when there are changes in privileges/users/roles.