Abstract
The chapter presents wide variety of topics concerning security in Big Data systems. Security from end user side, data owner, and data uploader point of view is considered. Selected methods for the assuring confidentiality, integrity, and availability are described. Presented solutions are divided into those adopted from traditional systems and methods dedicated for Big Data environment only. The data life cycle in Big Data is presented. The emphasis is put on the problem of security of data being sent, data at rest and data being processed and deleted from the system. Different kind of techniques to assure authenticity and provenance are also presented. The need for third-party trust centers is explained. The necessity for external control as far as international low obedience is justified.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Marz, N., Warren, J.: Big Data: Principles and Best Practices of Scalable Realtime Data Systems, Manning Publications (2015)
Big Data Now: 2012 Edn. OReilly Media, Inc. (2012)
Liu, H., Gegov, A., Cocea, A.: Rule Based Systems for Big Data A Machine Learning Approach, Springer (2016). ISBN:978-3-319-23696-4
Davis, K., Patterson D.: Ethics of Big Data, OReilly Media, Inc. (2012)
INTERNATIONAL STANDARD ISO/IEC 27002: Information technology Security techniques Code of practice for information security management, ISO/IEC FDIS 17799:2005(E) (2005)
Zhao, G., Rong, Ch., Gilje Jaatun, M., Sandnes, F.E.: Reference deployment models for eliminating user concerns on cloud security. J. Supercomputing 61(2), 337–352 (2012). August
NIST Special Publication 1500-1, NIST Big Data Interoperability Framework: Vol. 1, Definitions, NIST Big Data Public Working Group (NBD-PWG). doi:10.6028/NIST.SP.1500-1
Top Ten Big Data Security and Privacy Challenges, Cloud Security Alliance. http://www.isaca.org/groups/professional-english/big-data/groupdocuments/big_data_top_ten_v1.pdf. Accessed 22 March 2016
NIST Special Publication 1500-4, NIST Big Data Interoperability, Security and Privacy, NIST Big Data Public Working Group. doi:10.6028/NIST.SP.1500-4
van Tilborg, H.C.A., Jajodia, S. (Eds.): Encyclopedia of Cryptography and Security, Springer. ISBN:978-1-4419-5905-8
Schneier,B.: Applied Cryptography Protocols, Algorithms, and Source Code in C, John Wiley and Sons (1996)
Hu,V.C., Grance, T., Ferraio D. F., Kuhn,D.: An Access Control Scheme for Big Data Processing, National Institute of Standards and Technology, USA. http://csrc.nist.gov/projects/ac-policy-igs/big_data_control_access_7-10-2014.pdf. Accessed 22 March 2016
Rotenberg M.: COMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER, THE OFFICE OF SCIENCE AND TECHNOLOGY POLICY Request for Information: Big Data and the Future of Privacy, Electronic Privacy Information Center (EPIC) (2014). https://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf. Accessed 22 March 2016
Armerding, T., The 5 worst Big Data privacy risks (and how to guard against them). http://www.csoonline.com/article/2855641/big-data-security/the-5-worst-big-data-privacy-risks-and-how-to-guard-against-them.html. Accessed 22 March 2016
Stallings, W.: Cryptography and Network Security: Principles and Practice, Pearson (2013)
http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf
NIST Special Publication 800-57 (SP 800-57), Recommendation for Key Management, provides guidance on the management of cryptographic keys. http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf. Accessed 22 March 2016
X.509: Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks. http://www.itu.int/rec/T-REC-X.509/en,cited. Accessed 22 March 2016
Zeng, B., Zhang, M.: A novel group key transfer for big data security. Appl. Math. Comput. 249, 436443 (2014). doi:10.1016/j.amc.2014.10.051
Goorden, S.A., Horstmann M., Mosk, A.P., Kori, B., Pinkse, P. W. H.: Quantum-Secure Authentication of a Physical Unclonable Key. Optica 1(6) (2014)
He, D., Jiajun B., Chan, S., Handauth, Ch.: Efficient Handover Authentication with Conditional Privacy for Wireless Networks. IEEE Trans. Comput. 62(3) (2013)
Farras, O., Padr, C.: Ideal hierarchical secret sharing schemes. In: Theory of Cryptography, pp. 219236. Springer (2010)
Hsu, C.-F., Cheng, Q., Tang, X., Zeng, B.: An ideal multi-secret sharing scheme based on msp. Inf. Sci. 181(7), 14031409 (2011)
Wang, H., Jiang, X., Kambourakis, G.: special issue on security, privacy and trust in network-based Big Data. Inf. Sci. 318, 4850 (2015). doi:10.1016/j.ins.2015.05.040
Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the Internet of Things. Math. Comput. Model. 58, 11891205 (2013)
Zahid, A., Masood, R., Awais Shibli M.: Security of Sharded NoSQL Databases: A Comparative Analysis, Conference on Information Assurance and Cyber Security (CIACS) (2014). doi: 978-1-4799-5852-8/14/
Okman, L., Gal-Oz, N., Gonen, Y., Gudes, Y.: Security Issues in NoSQL Databases. IEEE (2011). doi:10.1109/TrustCom.2011.70
Pazhanirajaa,N., Victer Paula,P., Saleem Bashab M.S., Dhavachelvanc P.: Big Data and Hadoop-A Study in Security Perspective. Procedia Computer Science, Vol. 50, Big Data, Cloud and Computing Challenges, (2015). doi:10.1016/j.procs.2015.04.091
Colombo, P., Ferrari, E.: Privacy Aware Access Control for Big Data: A Research Roadmap. Big Data Res. 2, 145154 (2015). doi:10.1016/j.bdr.2015.08.001
http://craigchamberlain.com/library/security/NIST/NIST%20800-8%20-%20Security%20Issues%20%20the%20Database%20Language%20SQL.pdf
Kshetri, N.B.: Big data’s impact on privacy, security and consumer welfare. Telecommun. Policy 38(11), 1134-1145. www.elsevier.com/locate/telpol. Accessed 22 March 2016
Personal Information Protection and Electronic Documents Act, Published by the Minister of Justice, Canada, (2016). http://laws-lois.justice.gc.ca/PDF/P-8.6.pdf
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, Official Journal L 281, 23/11/1995 P. 0031–0050
APEC Certification Standards. https://www.truste.com/privacy-certification-standards/apec/. Accessed 22 March 2016
The International Standard for Data Protection in the Cloud, ISO/IEC 27018 (2014). https://www.iso.org/obp/ui/iso:std:iso-iec:27018:ed-1:v1:en. Accessed 22 March 2016
The SSAE16 Auditing Standard: (2015). http://www.ssae-16.com/. Accessed 22 March 2016
https://cloudsecurityalliance.org/group/cloud-controls-matrix/
Guide to SSL VPNs, Special Publication 800-113, Recommendations of the National Institute of Standards and Technology (2008). http://csrc.nist.gov/publications/nistpubs/800-113/SP800-113.pdf. Accessed 22 March 2016
Barker, E.B., Barker, W.C., Lee A.: NIST Special Publication 800-21, Guideline for Implementing Cryptography In the Federal Government, U.S. Department of Commerce, (2005). http://csrc.nist.gov/publications/nistpubs/800-21-1/sp800-21-1_Dec2005.pdf. Accessed 22 March 2016
Thayananthan, V., Albeshri, A.: Big data security issues based on quantum cryptography and privacy, with authentication for mobile data center. Procedia Comput. Sci. 50, 149–156 (2015); 2nd International Symposium on Big Data and Cloud Computing (ISBCC15), (2015). doi:10.1016/j.procs.2015.04.077
Kizza, J.: Computer Network Security. Springer (2005). ISBN-10:0387204733
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this chapter
Cite this chapter
Jakóbik, A. (2016). Big Data Security. In: Pop, F., Kołodziej, J., Di Martino, B. (eds) Resource Management for Big Data Platforms. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-44881-7_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-44881-7_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44880-0
Online ISBN: 978-3-319-44881-7
eBook Packages: Computer ScienceComputer Science (R0)