Skip to main content
SpringerLink
Log in

Security and Privacy for Big Data

  • Chapter
  • First Online:
Big Data Concepts, Theories, and Applications

Abstract

Security and privacy is one of the critical issues for big data and has drawn great attention of both industry and research community. Following this major trend, in this chapter we provide an overview of state-of-the-art research issues and achievements in the field of security and privacy of big data, by highlighting recent advances in data encryption, privacy preservation and trust management. In section of data encryption, searchable encryption, order-preserving encryption, structured encryption and homomorphic encryption are respectively analyzed. In section of privacy preservation, three representative mechanisms including access control, auditing and statistical privacy, are reviewed. In section of trust management, several approaches especially trusted computing based approaches and trust and reputation models are investigated. Besides, current security measures for big data platforms, particularly for Apache Hadoop, are also discussed. The approaches presented in the chapter selected for this survey represent only a small fraction of the wide research effort within security and privacy of big data. Nevertheless, they serve as an indication of the diversity of challenges that are being addressed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 179.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Sagiroglu S, Sinanc D (2013) Big data: a review. In: International conference on collaboration technologies and systems (CTS). IEEE, pp 42–47

    Google Scholar 

  2. Bösch C, Hartel P, Jonker W, Peter A (2014) A survey of provably secure searchable encryption. ACM Comput Surv (CSUR) 47(2):18

    Article  Google Scholar 

  3. Song DX, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceedings of the IEEE symposium on security and privacy (SP). IEEE, pp 44–55

    Google Scholar 

  4. Goh E-J (2003) Secure indexes. IACR Cryptology ePrint Archive 2003:216

    Google Scholar 

  5. Chang Y-C, Mitzenmacher M (2005) Privacy preserving keyword searches on remote encrypted data. In: Ioannidis J, Keromytis A, Yung M (eds) Applied cryptography and network security. Springer, Heidelberg, pp 442–455

    Chapter  Google Scholar 

  6. Curtmola R, Garay J, Kamara S, Ostrovsky R (2006) Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM conference on computer and communications security. ACM, pp 79–88

    Google Scholar 

  7. Golle P, Staddon J, Waters B (2004) Secure conjunctive keyword search over encrypted data. In: Jakobsson M, Yung M, Zhou J (eds) Applied cryptography and network security. Springer, Heidelberg, pp 31–45

    Chapter  Google Scholar 

  8. Cash D, Jarecki S, Jutla C, Krawczyk H, Roşu M-C, Steiner M (2013) Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti R, Garay JA (eds) Advances in cryptology–CRYPTO 2013. Springer, Heidelberg, pp 353–373

    Chapter  Google Scholar 

  9. Adjedj M, Bringer J, Chabanne H, Kindarji B (2009) Biometric identification over encrypted data made feasible. In: Prakash A, Gupta IS (eds) Information systems security. Springer, Heidelberg, pp 86–100

    Chapter  Google Scholar 

  10. Li J, Wang Q, Wang C, Cao N, Ren K, Lou W (2010) Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings of INFOCOM 2010, IEEE, pp 1–5

    Google Scholar 

  11. Kamara S, Papamanthou C, Roeder T (2012) Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM conference on computer and communications security. ACM, pp 965–976

    Google Scholar 

  12. Naveed M, Prabhakaran M, Gunter C (2014) Dynamic searchable encryption via blind storage. In: IEEE symposium on security and privacy (SP). IEEE, pp 639–654

    Google Scholar 

  13. Stefanov E, Papamanthou C, Shi E (2013) Practical dynamic searchable encryption with small leakage. IACR Cryptol ePrint Arch 2013:832

    Google Scholar 

  14. Boneh D, Di Crescenzo G, Ostrovsky R, Persiano G (2004) Public key encryption with keyword search. In: Cachin C, Camenisch J (eds) Advances in cryptology-Eurocrypt 2004. Springer, Heidelberg, pp 506–522

    Chapter  Google Scholar 

  15. Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H (2005) Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Shoup V (ed) Advances in cryptology–CRYPTO 2005. Springer, Heidelberg, pp 205–222

    Chapter  Google Scholar 

  16. Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Vadhan SP (ed) Theory of cryptography. Springer, Heidelberg, pp 535–554

    Chapter  Google Scholar 

  17. Shi E, Bethencourt J, Chan TH, Song D, Perrig A (2007) Multi-dimensional range query over encrypted data. In: IEEE symposium on security and privacy (SP’07). IEEE, pp 350–364

    Google Scholar 

  18. Bao F, Deng RH, Ding X, Yang Y (2008) Private query on encrypted data in multi-user settings. In: Chen L, Mu Y, Susilo W (eds) Information security practice and experience. Springer, Heidelberg, pp 71–85

    Chapter  Google Scholar 

  19. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD international conference on management of data. ACM, pp 563–574

    Google Scholar 

  20. Boldyreva A, Chenette N, O’Neill A (2011) Order-preserving encryption revisited: improved security analysis and alternative solutions. In: Rogaway P (ed) Advances in cryptology–CRYPTO 2011. Springer, Heidelberg, pp 578–595

    Chapter  Google Scholar 

  21. Mavroforakis C, Chenette N, O’Neill A, Kollios G, Canetti R (2015) Modular order-preserving encryption, Revisited. pp 763–777. doi:10.1145/2723372.2749455

  22. Malkin T, Teranishi I, Yung M (2013) Order-preserving encryption secure beyond one-wayness. IACR Cryptol ePrint Arch 2013:409

    MATH  Google Scholar 

  23. Pandey O, Rouselakis Y (2012) Property preserving symmetric encryption. In: Pointcheval D, Johansson T (eds) Advances in cryptology–EUROCRYPT 2012. Springer, Heidelberg, pp 375–391

    Chapter  Google Scholar 

  24. Boldyreva A, Chenette N, Lee Y, O’neill A (2009) Order-preserving symmetric encryption. In: Joux A (ed) Advances in cryptology-EUROCRYPT 2009. Springer, Heidelberg, pp 224–241

    Chapter  Google Scholar 

  25. Xiao L, Yen I-L, Huynh D (2012) A note for the ideal order-preserving encryption object and generalized order-preserving encryption. IACR Cryptol ePrint Arch 2012:350

    Google Scholar 

  26. Popa RA, Li FH, Zeldovich N (2013) An ideal-security protocol for order-preserving encoding. In: IEEE symposium on security and privacy (SP). IEEE, pp 463–477

    Google Scholar 

  27. Chase M, Kamara S (2010) Structured encryption and controlled disclosure. In: Abe M (ed) Advances in cryptology-ASIACRYPT 2010. Springer, Heidelberg, pp 577–594

    Chapter  Google Scholar 

  28. Kamara S, Wei L (2013) Garbled circuits via structured encryption. Springer, Heidelberg

    Book  Google Scholar 

  29. Naor M, Reingold O (1995) Synthesizers and their application to the parallel construction of pseudo-random functions. In: Proceedings of the 36th annual symposium on foundations of computer science. IEEE, pp 170–181

    Google Scholar 

  30. Poh GS, Mohamad MS, Z’aba MR (2012) Structured encryption for conceptual graphs. In: Hanaoka G, Yamauchi T (eds) Advances in information and computer security. Springer, Heidelberg, pp 105–122

    Chapter  Google Scholar 

  31. Mohamad MS, Poh GS (2013) Verifiable structured encryption. In: Kutylowski M, Yung M (eds) Information security and cryptology. Springer, Heidelberg, pp 137–156

    Chapter  Google Scholar 

  32. Kurosawa K, Ohtaki Y (2012) UC-secure searchable symmetric encryption. In: Keromytis AD (ed) Financial cryptography and data security. Springer, Heidelberg, pp 285–298

    Chapter  Google Scholar 

  33. Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: STOC. pp 169–178

    Google Scholar 

  34. Van Dijk M, Gentry C, Halevi S, Vaikuntanathan V (2010) Fully homomorphic encryption over the integers. In: Gilbert H (ed) Advances in cryptology–EUROCRYPT 2010. Springer, Heidelberg, pp 24–43

    Chapter  Google Scholar 

  35. Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway P (ed) Advances in cryptology–CRYPTO 2011. Springer, Heidelberg, pp 505–524

    Chapter  Google Scholar 

  36. Gentry C, Halevi S (2011) Fully homomorphic encryption without squashing using depth-3 arithmetic circuits. In: IEEE 52nd annual symposium on foundations of computer science (FOCS). IEEE, pp 107–109

    Google Scholar 

  37. Gentry C, Sahai A, Waters B (2013) Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti R, Garay JA (eds) Advances in cryptology–CRYPTO 2013. Springer, Heidelberg, pp 75–92

    Chapter  Google Scholar 

  38. Brakerski Z, Gentry C, Vaikuntanathan V (2012) (Leveled) fully homomorphic encryption without bootstrapping. In: Proceedings of the 3rd innovations in theoretical computer science conference. ACM, pp 309–325

    Google Scholar 

  39. Aguilar-Melchor C, Fau S, Fontaine C, Gogniat G, Sirdey R (2013) Recent advances in homomorphic encryption: a possible future for signal processing in the encrypted domain. IEEE Signal Process Mag 30(2):108–117

    Article  Google Scholar 

  40. Brakerski Z, Vaikuntanathan V (2014) Efficient fully homomorphic encryption from (standard) LWE. SIAM J Comput 43(2):831–871

    Article  MATH  Google Scholar 

  41. Gentry C, Halevi S (2011) Implementing Gentry’s fully-homomorphic encryption scheme. In: Paterson KG (ed) Advances in cryptology–EUROCRYPT 2011. Springer, Heidelberg, pp 129–148

    Chapter  Google Scholar 

  42. Fau S, Sirdey R, Fontaine C, Aguilar-Melchor C, Gogniat G (2013) Towards practical program execution over fully homomorphic encryption schemes. In: Eighth international conference on P2P, parallel, grid, cloud and internet computing (3PGCIC). IEEE, pp 284–290

    Google Scholar 

  43. Almutairi AA, Sarfraz MI, Basalamah S, Aref WG, Ghafoor A (2011) A distributed access control architecture for cloud computing. IEEE Softw 2:36–44

    Google Scholar 

  44. Hu VC, Grance T, Ferraiolo DF, Kuhn DR (2014) An access control scheme for big data processing. In: International conference on collaborative computing: networking, applications and worksharing (CollaborateCom). IEEE, pp 1–7

    Google Scholar 

  45. Zeng W, Yang Y, Luo B (2013) Access control for big data using data content. In: IEEE international conference on big data. IEEE, pp 45–47

    Google Scholar 

  46. Oulmakhzoune S, Cuppens-Boulahia N, Cuppens F, Morucci S, Barhamgi M, Benslimane D (2014) Privacy query rewriting algorithm instrumented by a privacy-aware access control model. Ann Telecommun 69(1–2):3–19

    Article  Google Scholar 

  47. Mazurek ML, Liang Y, Melicher W, Sleeper M, Bauer L, Ganger GR, Gupta N, Reiter MK (2014) Toward strong, usable access control for shared distributed data. In: Proceedings of the 12th USENIX conference on file and storage technologies. USENIX Association, pp 89–103

    Google Scholar 

  48. Li H, Wang S, Tian X, Wei W, Sun C (2015) A survey of extended role-based access control in cloud computing. In: Proceedings of the 4th international conference on computer engineering and networks. Springer, pp 821–831

    Google Scholar 

  49. Nabeel M, Shang N, Bertino E (2013) Privacy preserving policy-based content sharing in public clouds. IEEE Trans Knowl Data Eng 25(11):2602–2614

    Article  Google Scholar 

  50. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in cryptology–EUROCRYPT 2005. Springer, Heidelberg, pp 457–473

    Chapter  Google Scholar 

  51. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security. ACM, pp 89–98

    Google Scholar 

  52. Ostrovsky R, Sahai A, Waters B (2007) Attribute-Based encryption with non-monotonic access structures. In: CCS Proceedings of ACM conference on computer & communications security

    Google Scholar 

  53. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp 1–9

    Google Scholar 

  54. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy (SP’07). IEEE, pp 321–334

    Google Scholar 

  55. Bobba R, Khurana H, Prabhakaran M (2009) Attribute-sets: a practically motivated enhancement to attribute-based encryption. In: Backes M, Ning P (eds) Computer security–ESORICS 2009. Springer, Heidelberg, pp 587–604

    Chapter  Google Scholar 

  56. Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221

    Article  Google Scholar 

  57. Wang G, Liu Q, Wu J (2010) Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In: Proceedings of the 17th ACM conference on computer and communications security. ACM, pp 735–737

    Google Scholar 

  58. Wan Z, Liu JE, Deng RH (2012) HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans Inf Forensics Secur 7(2): 743–754

    Article  Google Scholar 

  59. Ganjali A, Lie D (2012) Auditing cloud management using information flow tracking. In: Proceedings of the seventh ACM workshop on scalable trusted computing. ACM, pp 79–84

    Google Scholar 

  60. Pappas V, Kemerlis VP, Zavou A, Polychronakis M, Keromytis AD (2013) CloudFence: data flow tracking as a cloud service. In: Stolfo SJ, Stavrou A, Wright CV (eds) Research in attacks, intrusions, and defenses. Springer, Heidelberg, pp 411–431

    Chapter  Google Scholar 

  61. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 598–609

    Google Scholar 

  62. Juels A, Kaliski Jr BS (2007) PORs: Proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 584–597

    Google Scholar 

  63. Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication networks. ACM, p 9

    Google Scholar 

  64. Erway CC, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur (TISSEC) 17(4):15

    Article  Google Scholar 

  65. Zhu Y, Hu H, Ahn G-J, Han Y, Chen S (2011) Collaborative integrity verification in hybrid clouds. In: 7th International conference on collaborative computing: networking, applications and worksharing (CollaborateCom). IEEE, pp 191–200

    Google Scholar 

  66. Zhu Y, Hu H, Ahn G-J, Yau SS (2012) Efficient audit service outsourcing for data integrity in clouds. J Syst Softw 85(5):1083–1095

    Article  Google Scholar 

  67. Zhu Y, Wang H, Hu Z, Ahn G-J, Hu H (2011) Zero-knowledge proofs of retrievability. Sci China Inf Sci 54(8):1608–1617

    Article  MathSciNet  MATH  Google Scholar 

  68. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp 1–9

    Google Scholar 

  69. Shacham H, Waters B (2008) Compact proofs of retrievability. In: Pieprzyk J (ed) Advances in cryptology-ASIACRYPT 2008. Springer, Heidelberg, pp 90–107

    Chapter  Google Scholar 

  70. Wang Q, Wang C, Li J, Ren K, Lou W (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes M, Ning P (eds) Computer security–ESORICS 2009. Springer, Heidelberg, pp 355–370

    Chapter  Google Scholar 

  71. Bowers KD, Juels A, Oprea A (2009) HAIL: a high-availability and integrity layer for cloud storage. In: Proceedings of the 16th ACM conference on computer and communications security. ACM, pp 187–198

    Google Scholar 

  72. Dodis Y, Vadhan S, Wichs D (2009) Proofs of retrievability via hardness amplification. In: Reingold O (ed) Theory of cryptography. Springer, Heidelberg, pp 109–127

    Chapter  Google Scholar 

  73. Cash D, Küpçü A, Wichs D (2013) Dynamic proofs of retrievability via oblivious ram. In: Johansson T, Nguyen P (eds) Advances in cryptology–EUROCRYPT 2013. Springer, Heidelberg, pp 279–295

    Chapter  Google Scholar 

  74. Stefanov E, van Dijk M, Juels A, Oprea A (2012) Iris: A scalable cloud file system with efficient integrity checks. In: Proceedings of the 28th annual computer security applications conference. ACM, pp 229–238

    Google Scholar 

  75. Shi E, Stefanov E, Papamanthou C (2013) Practical dynamic proofs of retrievability. In: Proceedings of the 2013 ACM SIGSAC conference on computer & communications security. ACM, pp 325–336

    Google Scholar 

  76. Yuan J, Yu S (2013) Proofs of retrievability with public verifiability and constant communication cost in cloud. In: Proceedings of the 2013 international workshop on security in cloud computing. ACM, pp 19–26

    Google Scholar 

  77. Liu C, Chen J, Yang LT, Zhang X, Yang C, Ranjan R, Rao K (2014) Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates. IEEE Trans Parallel Distrib Syst 25(9):2234–2244

    Article  Google Scholar 

  78. Küpçü A (2010) Efficient cryptography for the next generation secure cloud: protocols, proofs, and implementation. Lambert Academic Publishing

    Google Scholar 

  79. Liu C, Ranjan R, Zhang X, Yang C, Georgakopoulos D, Chen J (2013) Public auditing for Big Data storage in cloud computing—a survey. In: 16th international conference on Computational Science and Engineering (CSE). IEEE, pp 1128–1135

    Google Scholar 

  80. Wei DS, Murugesan S, Kuo S-Y, Naik K, Krizanc D (2013) Enhancing data integrity and privacy in the cloud: an agenda. IEEE Comput 46(11):87–90

    Article  Google Scholar 

  81. Aggarwal CC, Philip SY (2008) A general survey of privacy-preserving data mining models and algorithms. Springer

    Google Scholar 

  82. Samarati P, Sweeney L (1998) Generalizing data to provide anonymity when disclosing information. In: PODS. p 188

    Google Scholar 

  83. Machanavajjhala A, Kifer D, Gehrke J, Venkitasubramaniam M (2007) l-diversity: privacy beyond k-anonymity. ACM Trans Knowl Discov Data (TKDD) 1(1):3

    Article  Google Scholar 

  84. Wong R, Li J, Fu A, Wang K (2009) (α, k)-anonymous data publishing. J Intell Inf Syst 33(2):209–234

    Article  Google Scholar 

  85. Li NH, Li TC, Venkatasubramanian S(2007) t-closeness: privacy beyond k-anonymity and l-diversity. In: IEEE 23rd international conference on data engineering (ICDE 2007). IEEE, pp 106–115

    Google Scholar 

  86. Zhang Q, Koudas N, Srivastava D, Yu T (2007) Aggregate query answering on anonymized tables. In: IEEE 23rd international conference on data engineering (ICDE 2007). IEEE, pp 116–125

    Google Scholar 

  87. Martin DJ, Kifer D, Machanavajjhala A, Gehrke J, Halpern JY (2007) Worst-case background knowledge for privacy-preserving data publishing. In: IEEE 23rd international conference on data engineering (ICDE 2007). IEEE, pp 126–135

    Google Scholar 

  88. Li T, Li N (2008) Injector: mining background knowledge for data anonymization. In: IEEE 24th international conference on data engineering (ICDE 2008). IEEE, pp 446–455

    Google Scholar 

  89. Kisilevich S, Rokach L, Elovici Y, Shapira B (2010) Efficient multidimensional suppression for k-anonymity. IEEE Trans Knowl Data Eng 22(3):334–347

    Article  Google Scholar 

  90. Matatov N, Rokach L, Maimon O (2010) Privacy-preserving data mining: a feature set partitioning approach. Inform Sci 180(14):2696–2720

    Article  MathSciNet  Google Scholar 

  91. Tassa T, Mazza A, Gionis A (2012) k-concealment: an alternative model of k-Type anonymity. Trans Data Priv 5(1):189–222

    MathSciNet  Google Scholar 

  92. Dwork C (2011) Differential privacy. In: Encyclopedia of cryptography and security. Springer, Heidelberg, pp 338–340

    Google Scholar 

  93. Oh S, Viswanath P (2013) The composition theorem for differential privacy. Preprint. arXiv:13110776

    Google Scholar 

  94. Smith A (2011) Privacy-preserving statistical estimation with optimal convergence rates. In: Proceedings of the 43rd annual ACM symposium on theory of computing. ACM, pp 813–822

    Google Scholar 

  95. Le Ny J, Pappas GJ (2014) Differentially private filtering. IEEE Trans Autom Control 59(2):341–354

    Article  MathSciNet  Google Scholar 

  96. Lu W, Miklau G (2014) Exponential random graph estimation under differential privacy. In: Proceedings of the 20th ACM SIGKDD international conference on knowledge discovery and data mining. ACM, pp 921–930

    Google Scholar 

  97. Ji Z, Lipton ZC, Elkan C (2014) Differential privacy and machine learning: a survey and review. Preprint. arXiv:14127584

    Google Scholar 

  98. Barber RF, Duchi JC (2014) Privacy and statistical risk: formalisms and minimax bounds. Preprint, arXiv:14124451

    Google Scholar 

  99. Reed J, Pierce BC (2010) Distance makes the types grow stronger: a calculus for differential privacy. ACM Sigplan Not 45(9):157–168

    Article  MATH  Google Scholar 

  100. Gaboardi M, Haeberlen A, Hsu J, Narayan A, Pierce BC (2013) Linear dependent types for differential privacy. In: ACM SIGPLAN Notices, vol 1. ACM, pp 357–370

    Google Scholar 

  101. McSherry FD (2009) Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the 2009 ACM SIGMOD international conference on management of data. ACM, pp 19–30

    Google Scholar 

  102. Roy I, Setty ST, Kilzer A, Shmatikov V, Witchel E (2010) Airavat: security and privacy for MapReduce. NSDI 10:297–312

    Google Scholar 

  103. Barthe G, Köpf B, Olmedo F, Zanella Béguelin S (2012) Probabilistic relational reasoning for differential privacy. In: ACM SIGPLAN Notices, vol 1. ACM, pp 97–110

    Google Scholar 

  104. Soria-Comas J, Domingo-Ferrer J, Sanchez D, Martinez S (2013) Improving the utility of differentially private data releases via k-anonymity. In: 12th IEEE international conference on trust, security and privacy in computing and communications (TrustCom). IEEE, pp 372–379

    Google Scholar 

  105. He X, Machanavajjhala A, Ding B (2014) Blowfish privacy: tuning privacy-utility trade-offs using policies. In: Proceedings of the 2014 ACM SIGMOD international conference on management of data. ACM, pp 1447–1458

    Google Scholar 

  106. Singh S, Bawa S (2007) A privacy, trust and policy based authorization framework for services in distributed environments. Int J Comput Sci 2(2):85–92

    Google Scholar 

  107. Sherchan W, Nepal S, Paris C (2013) A survey of trust in social networks. ACM Comput Surv (CSUR) 45(4):47

    Article  Google Scholar 

  108. Pawar PS, Rajarajan M, Nair SK, Zisman A (2012) Trust model for optimized cloud services. In: Dimitrakos T, Moona R, Patel D, McKnigh DH (eds) Trust management VI. Springer, Heidelberg, pp 97–112

    Chapter  Google Scholar 

  109. Kannan J, Maniatis P, Chun B-G (2011) Secure data preservers for web services. In: Proceedings of the Second USENIX conference on web application development. pp 25–36

    Google Scholar 

  110. Raj H, Robinson D, Tariq TB, England P, Saroiu S, Wolman A (2011) Credo: trusted computing for guest VMs with a commodity hypervisor. Technical Report MSR-TR-2011-130, Microsoft Research

    Google Scholar 

  111. Santos N, Rodrigues R, Gummadi KP, Saroiu S (2012) Policy-sealed data: a new abstraction for building trusted cloud services. In: USENIX security symposium. pp 175–188

    Google Scholar 

  112. Krautheim FJ (2009) Private virtual infrastructure for cloud computing. In: Proceedings of HotCloud

    Google Scholar 

  113. Schiffman J, Moyer T, Vijayakumar H, Jaeger T, McDaniel P (2010) Seeding clouds with trust anchors. In: Proceedings of the 2010 ACM workshop on Cloud computing security workshop. ACM, pp 43–46

    Google Scholar 

  114. Santos N, Gummadi KP, Rodrigues R (2009) Towards trusted cloud computing. In: Proceedings of the 2009 conference on hot topics in cloud computing. San Diego, CA, pp 3–3

    Google Scholar 

  115. Adali S, Escriva R, Goldberg MK, Hayvanovych M, Magdon-Ismail M, Szymanski BK, Wallace W, Williams G (2010) Measuring behavioral trust in social networks. In: IEEE international conference on Intelligence and Security Informatics (ISI). IEEE, pp 150–152

    Google Scholar 

  116. Malik Z, Akbar I, Bouguettaya A (2009) Web services reputation assessment using a hidden Markov model. In: Bares L, Chi C-H, Suzuki J (eds) Service-oriented computing. Springer, Heidelberg, pp 576–591

    Chapter  Google Scholar 

  117. Noor TH, Sheng QZ, Zeadally S, Yu J (2013) Trust management of services in cloud environments: obstacles and solutions. ACM Comput Surv (CSUR) 46(1):12

    Article  Google Scholar 

  118. Jøsang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43(2):618–644

    Article  Google Scholar 

  119. Ferrer AJ, HernáNdez F, Tordsson J, Elmroth E, Ali-Eldin A, Zsigri C, Sirvent R, Guitart J, Badia RM, Djemame K (2012) OPTIMIS: a holistic approach to cloud service provisioning. Futur Gener Comput Syst 28(1):66–77

    Article  Google Scholar 

  120. Hwang K, Kulkareni S, Hu Y (2009) Cloud security with virtualized defense and reputation-based trust management. In: Eighth IEEE international conference on dependable, autonomic and secure computing (DASC’09). IEEE, pp 717–722

    Google Scholar 

  121. Alhamad M, Dillon T, Chang E (2010) Sla-based trust model for cloud computing. In: 13th international conference on network-based information systems (NBiS). IEEE, pp 321–324

    Google Scholar 

  122. Jøsang A (2001) A logic for uncertain probabilities. Int J Uncertainty Fuzziness Knowledge Based Syst 9(03):279–311

    Article  MathSciNet  MATH  Google Scholar 

  123. Habib SM, Ries S, Mühlhäuser M, Varikkattu P (2014) Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source. Secur Commun Netw 7(11):2185–2200

    Article  Google Scholar 

  124. Ko RK, Lee BS, Pearson S (2011) Towards achieving accountability, auditability and trust in cloud computing. In: Abraham A et al (eds) Advances in computing and communications. Springer, Heidelberg, pp 432–444

    Chapter  Google Scholar 

  125. Ko RK, Jagadpramana P, Mowbray M, Pearson S, Kirchberg M, Liang Q, Lee BS (2011) TrustCloud: A framework for accountability and trust in cloud computing. In: IEEE World Congress on Services (SERVICES). IEEE, pp 584–588

    Google Scholar 

  126. Toosi AN, Calheiros RN, Buyya R (2014) Interconnected cloud computing environments: challenges, taxonomy, and survey. ACM Comput Surv (CSUR) 47(1):7

    Article  Google Scholar 

  127. Bernstein D, Vij D (2010) Intercloud security considerations. In: IEEE second international conference Cloud Computing Technology and Science (CloudCom). IEEE, pp 537–544

    Google Scholar 

  128. Abawajy J (2009) Determining service trustworthiness in intercloud computing environments. In: 10th international symposium on pervasive systems, algorithms, and networks (ISPAN). IEEE, pp 784–788

    Google Scholar 

  129. Celesti A, Tusa F, Villari M, Puliafito A (2010) How to enhance cloud architectures to enable cross-federation. In: IEEE 3rd international conference cloud computing (CLOUD). IEEE, pp 337–345

    Google Scholar 

  130. Yan Z, Zhang P, Vasilakos AV (2014) A survey on trust management for internet of things. J Netw Comput Appl 42:120–134

    Article  Google Scholar 

  131. Govindan K, Mohapatra P (2012) Trust computations and trust dynamics in mobile adhoc networks: a survey. IEEE Commun Surv Tutorials 14(2):279–298

    Article  Google Scholar 

  132. Sanger J, Richthammer C, Hassan S, Pernul G (2014) Trust and big data: a roadmap for research. In: 25th international workshop on database and expert systems applications (DEXA). IEEE, pp 278–282

    Google Scholar 

  133. Băsescu C, Carpen-Amarie A, Leordeanu C, Costan A, Antoniu G (2011) Managing data access on clouds: a generic framework for enforcing security policies. In: IEEE international conference on advanced information networking and applications (AINA). IEEE, pp 459–466

    Google Scholar 

  134. Neuman BC, Ts’O T (1994) Kerberos: an authentication service for computer networks. IEEE Commun Mag 32(9):33–38

    Article  Google Scholar 

  135. Chang F, Dean J, Ghemawat S, Hsieh WC, Wallach DA, Burrows M, Chandra T, Fikes A, Gruber RE (2008) Bigtable: a distributed storage system for structured data. ACM Trans Comput Syst (TOCS) 26(2):4

    Article  Google Scholar 

  136. Pattuk E, Kantarcioglu M, Khadilkar V, Ulusoy H, Mehrotra S (2013) Bigsecret: a secure data management framework for key-value stores. In: IEEE sixth international conference on cloud computing (CLOUD). IEEE, pp 147–154

    Google Scholar 

  137. Wei W, Du J, Yu T, Gu X (2009) Securemr: a service integrity assurance framework for mapreduce. In: Computer security applications conference (ACSAC’09). Annual. IEEE, pp 73–82

    Google Scholar 

  138. Mccarty B (2004) SELinux: NSA’s open source security enhanced linux. Oreilly & Associates, Cambridge

    Google Scholar 

  139. Zhao J, Wang L, Tao J, Chen J, Sun W, Ranjan R, Kołodziej J, Streit A, Georgakopoulos D (2014) A security framework in G-Hadoop for big data computing across distributed cloud data centres. J Comput Syst Sci 80(5):994–1007

    Article  MathSciNet  MATH  Google Scholar 

  140. Ulusoy H, Kantarcioglu M, Pattuk E, Hamlen K (2014) Vigiles: fine-grained access control for mapreduce systems. In: 2014 IEEE international congress on big data (BigData Congress). IEEE, pp 40–47

    Google Scholar 

  141. Rahul P, GireeshKumar T (2015) A novel authentication framework for Hadoop. In: Artificial intelligence and evolutionary algorithms in engineering systems. Springer, pp 333–340

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Shaanxi Normal University, Xi’an, China

    Shuyu Li

  2. San Jose State University, San Jose, CA, USA

    Jerry Gao

Authors
  1. Shuyu Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jerry Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shuyu Li .

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, Burwood, Victoria, Australia

    Shui Yu

  2. Schl of Comp Science & Engg, The Univ of Aizu, Aizu-Wakamatsu City, Japan

    Song Guo

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Li, S., Gao, J. (2016). Security and Privacy for Big Data. In: Yu, S., Guo, S. (eds) Big Data Concepts, Theories, and Applications . Springer, Cham. https://doi.org/10.1007/978-3-319-27763-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-27763-9_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27761-5

  • Online ISBN: 978-3-319-27763-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation