Advertisement

Big Data Security

  • Agnieszka JakóbikEmail author
Chapter
Part of the Computer Communications and Networks book series (CCN)

Abstract

The chapter presents wide variety of topics concerning security in Big Data systems. Security from end user side, data owner, and data uploader point of view is considered. Selected methods for the assuring confidentiality, integrity, and availability are described. Presented solutions are divided into those adopted from traditional systems and methods dedicated for Big Data environment only. The data life cycle in Big Data is presented. The emphasis is put on the problem of security of data being sent, data at rest and data being processed and deleted from the system. Different kind of techniques to assure authenticity and provenance are also presented. The need for third-party trust centers is explained. The necessity for external control as far as international low obedience is justified.

Keywords

Hash Function Data Owner Policy Decision Point Asia Pacific Economic Cooperation Elliptic Curve Digital Signature Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Marz, N., Warren, J.: Big Data: Principles and Best Practices of Scalable Realtime Data Systems, Manning Publications (2015)Google Scholar
  2. 2.
    Big Data Now: 2012 Edn. OReilly Media, Inc. (2012)Google Scholar
  3. 3.
    Liu, H., Gegov, A., Cocea, A.: Rule Based Systems for Big Data A Machine Learning Approach, Springer (2016). ISBN:978-3-319-23696-4Google Scholar
  4. 4.
    Davis, K., Patterson D.: Ethics of Big Data, OReilly Media, Inc. (2012)Google Scholar
  5. 5.
    INTERNATIONAL STANDARD ISO/IEC 27002: Information technology Security techniques Code of practice for information security management, ISO/IEC FDIS 17799:2005(E) (2005)Google Scholar
  6. 6.
    Zhao, G., Rong, Ch., Gilje Jaatun, M., Sandnes, F.E.: Reference deployment models for eliminating user concerns on cloud security. J. Supercomputing 61(2), 337–352 (2012). AugustCrossRefGoogle Scholar
  7. 7.
  8. 8.
    NIST Special Publication 1500-1, NIST Big Data Interoperability Framework: Vol. 1, Definitions, NIST Big Data Public Working Group (NBD-PWG). doi: 10.6028/NIST.SP.1500-1
  9. 9.
    Top Ten Big Data Security and Privacy Challenges, Cloud Security Alliance. http://www.isaca.org/groups/professional-english/big-data/groupdocuments/big_data_top_ten_v1.pdf. Accessed 22 March 2016
  10. 10.
    NIST Special Publication 1500-4, NIST Big Data Interoperability, Security and Privacy, NIST Big Data Public Working Group. doi: 10.6028/NIST.SP.1500-4
  11. 11.
    van Tilborg, H.C.A., Jajodia, S. (Eds.): Encyclopedia of Cryptography and Security, Springer. ISBN:978-1-4419-5905-8Google Scholar
  12. 12.
    Schneier,B.: Applied Cryptography Protocols, Algorithms, and Source Code in C, John Wiley and Sons (1996)Google Scholar
  13. 13.
    Hu,V.C., Grance, T., Ferraio D. F., Kuhn,D.: An Access Control Scheme for Big Data Processing, National Institute of Standards and Technology, USA. http://csrc.nist.gov/projects/ac-policy-igs/big_data_control_access_7-10-2014.pdf. Accessed 22 March 2016
  14. 14.
    Rotenberg M.: COMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER, THE OFFICE OF SCIENCE AND TECHNOLOGY POLICY Request for Information: Big Data and the Future of Privacy, Electronic Privacy Information Center (EPIC) (2014). https://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf. Accessed 22 March 2016
  15. 15.
    Armerding, T., The 5 worst Big Data privacy risks (and how to guard against them). http://www.csoonline.com/article/2855641/big-data-security/the-5-worst-big-data-privacy-risks-and-how-to-guard-against-them.html. Accessed 22 March 2016
  16. 16.
    Stallings, W.: Cryptography and Network Security: Principles and Practice, Pearson (2013)Google Scholar
  17. 17.
  18. 18.
    NIST Special Publication 800-57 (SP 800-57), Recommendation for Key Management, provides guidance on the management of cryptographic keys. http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf. Accessed 22 March 2016
  19. 19.
    X.509: Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks. http://www.itu.int/rec/T-REC-X.509/en,cited. Accessed 22 March 2016
  20. 20.
    Zeng, B., Zhang, M.: A novel group key transfer for big data security. Appl. Math. Comput. 249, 436443 (2014). doi: 10.1016/j.amc.2014.10.051 MathSciNetGoogle Scholar
  21. 21.
    Goorden, S.A., Horstmann M., Mosk, A.P., Kori, B., Pinkse, P. W. H.: Quantum-Secure Authentication of a Physical Unclonable Key. Optica 1(6) (2014)Google Scholar
  22. 22.
    He, D., Jiajun B., Chan, S., Handauth, Ch.: Efficient Handover Authentication with Conditional Privacy for Wireless Networks. IEEE Trans. Comput. 62(3) (2013)Google Scholar
  23. 23.
    Farras, O., Padr, C.: Ideal hierarchical secret sharing schemes. In: Theory of Cryptography, pp. 219236. Springer (2010)Google Scholar
  24. 24.
    Hsu, C.-F., Cheng, Q., Tang, X., Zeng, B.: An ideal multi-secret sharing scheme based on msp. Inf. Sci. 181(7), 14031409 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  25. 25.
    Wang, H., Jiang, X., Kambourakis, G.: special issue on security, privacy and trust in network-based Big Data. Inf. Sci. 318, 4850 (2015). doi: 10.1016/j.ins.2015.05.040 MathSciNetGoogle Scholar
  26. 26.
    Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the Internet of Things. Math. Comput. Model. 58, 11891205 (2013)Google Scholar
  27. 27.
    Zahid, A., Masood, R., Awais Shibli M.: Security of Sharded NoSQL Databases: A Comparative Analysis, Conference on Information Assurance and Cyber Security (CIACS) (2014). doi: 978-1-4799-5852-8/14/Google Scholar
  28. 28.
    Okman, L., Gal-Oz, N., Gonen, Y., Gudes, Y.: Security Issues in NoSQL Databases. IEEE (2011). doi: 10.1109/TrustCom.2011.70
  29. 29.
    Pazhanirajaa,N., Victer Paula,P., Saleem Bashab M.S., Dhavachelvanc P.: Big Data and Hadoop-A Study in Security Perspective. Procedia Computer Science, Vol. 50, Big Data, Cloud and Computing Challenges, (2015). doi: 10.1016/j.procs.2015.04.091
  30. 30.
    Colombo, P., Ferrari, E.: Privacy Aware Access Control for Big Data: A Research Roadmap. Big Data Res. 2, 145154 (2015). doi: 10.1016/j.bdr.2015.08.001 CrossRefGoogle Scholar
  31. 31.
    http://craigchamberlain.com/library/security/NIST/NIST%20800-8%20-%20Security%20Issues%20%20the%20Database%20Language%20SQL.pdfGoogle Scholar
  32. 32.
  33. 33.
  34. 34.
  35. 35.
  36. 36.
  37. 37.
  38. 38.
  39. 39.
  40. 40.
  41. 41.
    Kshetri, N.B.: Big data’s impact on privacy, security and consumer welfare. Telecommun. Policy 38(11), 1134-1145. www.elsevier.com/locate/telpol. Accessed 22 March 2016
  42. 42.
    Personal Information Protection and Electronic Documents Act, Published by the Minister of Justice, Canada, (2016). http://laws-lois.justice.gc.ca/PDF/P-8.6.pdf
  43. 43.
    Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L 281, 23/11/1995 P. 0031–0050Google Scholar
  44. 44.
    APEC Certification Standards. https://www.truste.com/privacy-certification-standards/apec/. Accessed 22 March 2016
  45. 45.
    The International Standard for Data Protection in the Cloud, ISO/IEC 27018 (2014). https://www.iso.org/obp/ui/iso:std:iso-iec:27018:ed-1:v1:en. Accessed 22 March 2016
  46. 46.
    The SSAE16 Auditing Standard: (2015). http://www.ssae-16.com/. Accessed 22 March 2016
  47. 47.
  48. 48.
    Guide to SSL VPNs, Special Publication 800-113, Recommendations of the National Institute of Standards and Technology (2008). http://csrc.nist.gov/publications/nistpubs/800-113/SP800-113.pdf. Accessed 22 March 2016
  49. 49.
    Barker, E.B., Barker, W.C., Lee A.: NIST Special Publication 800-21, Guideline for Implementing Cryptography In the Federal Government, U.S. Department of Commerce, (2005). http://csrc.nist.gov/publications/nistpubs/800-21-1/sp800-21-1_Dec2005.pdf. Accessed 22 March 2016
  50. 50.
    Thayananthan, V., Albeshri, A.: Big data security issues based on quantum cryptography and privacy, with authentication for mobile data center. Procedia Comput. Sci. 50, 149–156 (2015); 2nd International Symposium on Big Data and Cloud Computing (ISBCC15), (2015). doi: 10.1016/j.procs.2015.04.077
  51. 51.
    Kizza, J.: Computer Network Security. Springer (2005). ISBN-10:0387204733Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Cracow University of TechnologyCracowPoland

Personalised recommendations