Abstract
Social networks, smartphones, mobile applications... produce an avalanche of data on a large-scale and in an unstructured way. The phenomenon Big Data was born in order to address the different challenges including data storing, data analysis, data querying and so on. Technological advances always carry new security vulnerabilities that are not taken into consideration at the beginning. Security aspects usually require time to be addressed. The information system security is the set of measures to prevent any failure or threat including unauthorized accesses. Perfect protection must contain the four basic building blocks that are: authentication, access control, auditing, and encryption. In our work, we are specifically interested in access control. We first analyze the well-known access control models that were applied to Big Data. We then investigate the most important security projects. Most of these approaches and projects rely mainly on coarse-grained access control policies. In this work, we propose a novel approach called H-RCBAC that relies on two known models: the role-based access control (RBAC) and the content-based access control (CBAC). H-RCBAC is a new architecture that refines the access control process by considering a set of taboo words to guarantee fine-grained access control.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Chen, M., Mao, S., Liu, Y.: Big data: a survey. Mobile Netw. Appl. 19(2), 171–209 (2014)
Sharma, P.P., Navdeti, C.P.: Securing big data hadoop: a review of security issues, threats and solution. Int. J. Comput. Sci. Inf. Technol. 5 (2014)
Guo, C., Wu, H., Tan, K., Shiy, L., Zhang, Y., Luz, S., Mapreduce: Simplified data processing on large clusters. In: Proceedings of OSDI, San Francisco, CA, USA (2004)
Apache Hadoop. https://hadoop.apache.org/docs/current/hadoop-project-dist/hadoop-hdfs/HdfsPermissionsGuide.html. Last accessed on 22 Feb 2021 (2017)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secur. (TISSEC) 4(3), 224–274 (2001)
Gupta, M., Patwa, F., Sandhu, R.: Object-tagged RBAC model for the hadoop ecosystem. In: IFIP Annual Conference on Data and Applications Security and Privacy, pp. 63–81. Springer (2017)
Zeng, W., Yang, Y., Luo, B.: Access control for big data using data content. In: 2013 IEEE International Conference on Big Data, pp. 45–47. IEEE (2013)
Ashwin Kumar, T.K., Liu, H., Thomas, J.P., Hou, X.: Content sensitivity based access control framework for hadoop. Digital Commun, Netw. 3(4), 213–225 (2017)
Cavoukian, A., Chibba, M., Williamson, G., Ferguson, A.: The importance of ABAC: Attribute-based access control to big data: privacy and context (2015)
Gupta, M., Patwa, F., Sandhu, R.: An attribute-based access control model for secure big data processing in hadoop ecosystem. In: Proceedings of the Third ACM Workshop on Attribute-Based Access Control, pp. 13–24 (2018)
Das, D., O’Malley, O., Radia, S., Zhang, K.: Adding security to apache hadoop. Hortonworks, IBM (2011)
Apache Sentry: https://sentry.apache.org/. Last accessed on 22 Feb 2021 (2016)
Apache Ranger: http://ranger.apache.org. Last accessed on 22 Feb 2021 (2014)
Rhino Project: https://github.com/intel-hadoop/project-rhino/ Last accessed on 22 Feb 2021 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Nait Bahloul, S., Bessaoud, K., Abid, M. (2022). H-RCBAC: Hadoop Access Control Based on Roles and Content. In: Ben Ahmed, M., Teodorescu, HN.L., Mazri, T., Subashini, P., Boudhir, A.A. (eds) Networking, Intelligent Systems and Security. Smart Innovation, Systems and Technologies, vol 237. Springer, Singapore. https://doi.org/10.1007/978-981-16-3637-0_30
Download citation
DOI: https://doi.org/10.1007/978-981-16-3637-0_30
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3636-3
Online ISBN: 978-981-16-3637-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)