ABSTRACT
Data security and privacy issues are magnified by the volume, the variety, and the velocity of Big Data and by the lack, up to now, of a standard data model and related data manipulation language. In this paper, we focus on one of the key data security services, that is, access control, by highlighting the differences with traditional data management systems and describing a set of requirements that any access control solution for Big Data platforms may fulfill. We then describe the state of the art and discuss open research issues.
- R. Agrawal, J. Kiernan, R. Srikant, and Y. Xu. 2002. Hippocratic databases. In 28th International Conference on Very Large Data Bases (VLDB). Google ScholarDigital Library
- Gail-Joon Ahn, Hongxin Hu, Joohyung Lee, and Yunsong Meng. 2010. Representing and reasoning about web access control policies Computer Software and Applications Conference (COMPSAC), 2010 IEEE 34th Annual. IEEE, 137--146. Google ScholarDigital Library
- Sattam Alsubaiee, Yasser Altowim, Hotham Altwaijry, Alexander Behm, Vinayak Borkar, Yingyi Bu, Michael Carey, Inci Cetindil, Madhusudan Cheelangi, Khurram Faraaz, et almbox.. 2014. AsterixDB: A scalable, open source BDMS. Proceedings of the VLDB Endowment Vol. 7, 14 (2014), 1905--1916. Google ScholarDigital Library
- Lujo Bauer, Scott Garriss, and Michael K Reiter. 2011. Detecting and resolving policy misconfigurations in access-control systems. ACM Transactions on Information and System Security (TISSEC) Vol. 14, 1 (2011), 2. Google ScholarDigital Library
- E. Bertino, A. A. Jabal, S. B. Calo, C. Makaya, M. Touma, D. C. Verma, and C. Williams. 2017. Provenance-Based Analytics Services for Access Control Policies 2017 IEEE World Congress on Services, SERVICES 2017, Honolulu, HI, USA, June 25--30, 2017. 94--101.Google Scholar
- J.W. Byun and N. Li. 2008. Purpose based access control for privacy protection in relational database systems. The VLDB Journal Vol. 17, 4 (2008). Google ScholarDigital Library
- Rick Cattell. 2011. Scalable SQL and NoSQL Data Stores. SIGMOD Rec. Vol. 39, 4 (May. 2011), 12--27. nG. J. Ahn, and J. Jorgensen. 2013 a. Multiparty Access Control for Online Social Networks: Model and Mechanisms. IEEE Transactions on Knowledge and Data Engineering Vol. 25, 7 (July. 2013), 1614--1627. 1041-4347. Google ScholarDigital Library
- Vincent C Hu, David Ferraiolo, Rick Kuhn, Arthur R Friedman, Alan J Lang, Margaret M Cogdell, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone, et almbox.. 2013 b. Guide to attribute based access control (ABAC) definition and considerations (draft). NIST special publication Vol. 800, 162 (2013).Google Scholar
- V. C. Hu, D. R. Kuhn, and D. F. Ferraiolo. 2015. Attribute-Based Access Control. Computer Vol. 48, 2 (Feb. 2015), 85--88. 0018--9162Google ScholarDigital Library
- Xiaolong Jin, Benjamin W. Wah, Xueqi Cheng, and Yuanzhuo Wang. 2015. Significance and Challenges of Big Data Research. Big Data Research (2015). 2214--5796 Google ScholarDigital Library
- Jonathan Katz, Amit Sahai, and Brent Waters. 2013. Predicate encryption supporting disjunctions, polynomial equations, and inner products. Journal of cryptology Vol. 26, 2 (2013), 191--224. Google ScholarDigital Library
- Devdatta Kulkarni. 2013. A fine-grained access control model for key-value systems Proceedings of the third ACM conference on Data and application security and privacy. ACM, 161--164. Google ScholarDigital Library
- Kristen LeFevre, Rakesh Agrawal, Vuk Ercegovac, Raghu Ramakrishnan, Yirong Xu, and David DeWitt. 2004. Limiting disclosure in hippocratic databases. In Proceedings of the Thirtieth international conference on Very large data bases-Volume 30. VLDB Endowment, 108--119. Google ScholarDigital Library
- Jim J. Longstaff and Joanne Noble. 2016. Attribute Based Access Control for Big Data Applications by Query Modification Second IEEE International Conference on Big Data Computing Service and Applications, BigDataService 2016, Oxford, United Kingdom, March 29 - April 1, 2016. 58--65.Google Scholar
- Viktor Mayer-Schönberger and Kenneth Cukier. 2013. Big data: A revolution that will transform how we live, work, and think. Houghton Mifflin Harcourt.Google Scholar
- Mohamed Nabeel and Elisa Bertino. 2014. Privacy preserving delegated access control in public clouds. IEEE Transactions on Knowledge and Data Engineering Vol. 26, 9 (2014), 2268--2280.Google ScholarCross Ref
- R. V. Nehme, H. S. Lim, and E. Bertino. 2010. FENCE: Continuous access control enforcement in dynamic data stream environments 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010). 940--943. 1063--6382 Google ScholarDigital Library
- Kian Win Ong, Yannis Papakonstantinou, and Romain Vernoux. 2014. The SQLGoogle Scholar
- unifying semi-structured query language, and an expressiveness benchmark of SQL-on-Hadoop, NoSQL and NewSQL databases. CoRR, abs/1405.3631 (2014).Google Scholar
- Aafaf Ouaddah, Hajar Mousannif, Anas Abou Elkalam, and Abdellah Ait Ouahman. 2017. Access control in the Internet of Things: Big challenges and new opportunities. Computer Networks Vol. 112 (2017), 237 -- 262. 1389--1286 Google ScholarDigital Library
- Federica Paci, Anna Squicciarini, and Nicola Zannone. 2018. Survey on Access Control for Community-Centered Collaborative Systems. ACM Comput. Surv. Vol. 51, 1, Article 6 (Jan. 2018), 38 pages. 0360-0300 Google ScholarDigital Library
- Edelmira Pasarella and Jorge Lobo. 2017. A Datalog Framework for Modeling Relationship-based Access Control Policies Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies. ACM, 91--102. Google ScholarDigital Library
- S. Rizvi, A. Mendelzon, S. Sudarshan, and P. Roy. 2004. Extending query rewriting techniques for fine-grained access control ACM SIGMOD 2004. 551--562. Google ScholarDigital Library
- Yossif Shalabi and Ehud Gudes. 2017. Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases Data and Applications Security and Privacy XXXI, Giovanni Livraga and Sencun Zhu (Eds.). Springer International Publishing, Cham, 3--19.Google Scholar
- H. Ulusoy, P. Colombo, E. Ferrari, M. Kantarcioglu, and E. Pattuk. 2015. GuardMR: Fine-grained Security Policy Enforcement for MapReduce Systems ACM ASIACCS 2015. Google ScholarDigital Library
- Huseyin Ulusoy, Murat Kantarcioglu, Kevin Hamlen, and Erman Pattuk. 2014. Vigiles: Fine-grained Access Control for MapReduce Systems IEEE BigData. Google ScholarDigital Library
- Jos B Warmer and Anneke G Kleppe. 1998. The object constraint language: Precise modeling with uml (addison-wesley object technology series). (1998). Google ScholarDigital Library
Index Terms
- Access Control in the Era of Big Data: State of the Art and Research Directions
Recommendations
Dynamic and Scalable Enforcement of Access Control Policies for Big Data
MEDES '21: Proceedings of the 13th International Conference on Management of Digital EcoSystemsThe conflict between the need of protecting and sharing data is hampering the spread of big data applications. Security and privacy assurance is required to protect data owners, while data access and sharing are fundamental to implement smart big data ...
An Attribute-Based Access Control Model for Secure Big Data Processing in Hadoop Ecosystem
ABAC'18: Proceedings of the Third ACM Workshop on Attribute-Based Access ControlApache Hadoop is a predominant software framework for distributed compute and storage with capability to handle huge amounts of data, usually referred to as Big Data. This data collected from different enterprises and government agencies often includes ...
Securing Big Data: New Access Control Challenges and Approaches
SACMAT '19: Proceedings of the 24th ACM Symposium on Access Control Models and TechnologiesRecent cyber attacks have shown that the leakage/stealing of big data may result in enormous monetary loss and damage to organizational reputation, and increased identity theft risks for individuals. Furthermore, in the age of big data, protecting the ...
Comments