Abstract
Todays data stream management systems (DSMSs) lack security functionality. Based on adversary scenarios we show how a DSMS architecture can be protected. We sketch a general DSMS architecture and introduce security issues that need to be considered. To face the threats we develop an extended system architecture that provides the necessary security mechanisms. We descuss the chosen concepts and illustrate how they can be realized by various system components. Our design focus is, considering the unique properties of data stream engines, to keep the impact on existing system components as little as possible and to limit the effect on the overall performance to a minimum.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, D.J., Ahmad, Y., Balazinska, M., Cetintemel, U., Cherniack, M., Hwang, J.-H., Lindner, W., Maskey, A.S., Rasin, A., Ryvkina, E., Tatbul, N., Xing, Y., Zdonik, S.: The Design of the Borealis Stream Processing Engine. In: CIDR (2005)
Abadi, D.J., Carney, D., Çetintemel, U., Cherniack, M., Convey, C., Lee, S., Stonebraker, M., Tatbul, N., Zdonik, S.: Aurora: A new model and architecture for data stream management. VLDB Journal (2003)
Abadi, D.J., Lindner, W., Madden, S., Schuler, J.: An integration framework for sensor networks and data stream management systems. In: VLDB (2004)
Arasu, A., Babcock, B., Babu, S., Datar, M., Ito, K., Motwani, R., Nishizawa, I., Srivastava, U., Thomas, D., Varma, R., Widom, J.: Stream: The stanford stream data manager. IEEE Data Engineering Bulletin 26(1) (2003)
Balazinska, M., Balakrishnan, H., Stonebraker, M.: Contract-based load management in federated distributed systems. In: NSDI (2004)
Bertino, E., Bonatti, P.A., Ferrari, E.: Trbac: A temporal role-based access control model. ACM TOISS 4(3) (2001)
Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison Wesley, Rading (1994)
Chandrasekaran, S., Cooper, O., Deshpande, A., Franklin, M., Hellerstein, J., Hong, W., Krishnamurthy, S., Madden, S., Raman, V., Reiss, F., Shah, M.: TelegraphCQ: Continuous Dataflow Processing for an Uncertain World. In: CIDR (2003)
Cherniack, M., Balakrishnan, H., Balazinska, M., Carney, D., Çetintemel, U., Xing, Y., Zdonik, S.: Scalable distributed stream processing. In: CIDR (2003)
Hwang, J.-H., Balazinska, M., Rasin, A., Cetintemel, U., Stonebraker, M., Zdonik, S.: High-Availability Algorithms for Distributed Stream Processing. In: ICDE (2005)
IETF. IPSec., http://www.ietf.org/html.charters/ipsec-charter.html
Krämer, J., Seeger, B.: Pipes - a public infrastructure for processing and exploring streams. In: SIGMOD (2004)
Ramakrishnan, R., Gehrke, J.: Security and Authorization. In: Database Management Systems, 3rd edn. McGraw Hill, New York (2003)
Sandhu, R.S., Samarati, P.: Access Control: Principles and Practice. IEEE Communications Magazine 32(9) (1994)
Voydock, V.L., Kent, S.T.: Security mechanisms in high-level network protocols. ACM Computing Surveys 15(2) (1983)
Zdonik, S., Stonebraker, M., Cherniack, M., Çetintemel, U., Balazinska, M., Balakrishnan, H.: The Aurora and Medusa Projects. IEEE Data Engineering Bulletin 26(1) (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lindner, W., Meier, J. (2006). Towards a Secure Data Stream Management System. In: Draheim, D., Weber, G. (eds) Trends in Enterprise Application Architecture. TEAA 2005. Lecture Notes in Computer Science, vol 3888. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11681885_10
Download citation
DOI: https://doi.org/10.1007/11681885_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-32734-9
Online ISBN: 978-3-540-32735-6
eBook Packages: Computer ScienceComputer Science (R0)