Skip to main content
SpringerLink
Log in

Framework for Modeling Security Policies of Big Data Processing Systems

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

This paper studies automatizing the analysis of access control in big data management systems by modeling security policies. It analyzes modern methods of ensuring access control in this class of systems, determines the respective requirements, and chooses the most advanced method for describing security policies as part of the solution in development. The task of modeling security policies in big data management systems is formulated. The architecture, the main components, and the general operating algorithm of the software framework for solving the task, as well as the experimental validation results, are presented. The strengths and weaknesses of the framework are assessed and ways for its further upgrade suggested.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.

REFERENCES

  1. Turkanović, M., Družovec, T.W., and Hölbl, M., Inference attacks and control on database structures, TEM J., 2015, vol. 4, no. 1, pp. 3–15.

  2. Poltavtseva, M.A., Evolution of data management systems and their security, 2019 Int. Conf. on Engineering Technologies and Computer Science (EnT), Moscow, 2019, IEEE, 2019, pp. 25–29. https://doi.org/10.1109/ent.2019.00010

  3. Gray, P., Logic, Algebra and Databases, John Wiley & Sons, 1989.

    Google Scholar 

  4. Tsichritzis, D.C. and Lochovsky, F.H., Data Models, Prentice Hall, 1982.

    Google Scholar 

  5. Colombo, P. and Ferrari, E., Access control technologies for big data management systems: Literature review and future trends, Cybersecurity, 2019, vol. 2, no. 1. https://doi.org/10.1186/s42400-018-0020-9

  6. Poltavtseva, M.A., Zegzhda, D.P., and Kalinin, M.O., Role of universal model of heterogeneous data in security of big data management systems, Metody Tekh. Sredstva Obespecheniya Bezop. Inf., 2023, no. 32, pp. 43–44.

  7. Konoplev, A.S., Busygin, A.G., and Zegzhda, D.P., A blockchain decentralized public key infrastructure model, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1017–1021. https://doi.org/10.3103/s0146411618080175

    Article  Google Scholar 

  8. Demidov, R.A., Pechenkin, A.I., Zegzhda, P.D., and Kalinin, M.O., Application model of modern artificial neural network methods for the analysis of information systems security, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 965–970. https://doi.org/10.3103/s0146411618080072

    Article  Google Scholar 

  9. Zegzhda, D.P., Zegzhda, P.D., and Kalinin, M.O., Clarifying integrity control at the trusted information environment, Computer Network Security. MMM-ACNS 2010, Kotenko, I. and Skormin, V., Eds., Lecture Notes in Computer Science, vol. 6258, Berlin: Springer, 2010, pp. 337–344. https://doi.org/10.1007/978-3-642-14706-7_27

    Book  Google Scholar 

  10. Qiu, J., Tian, Z., Du, C., Zuo, Q., Su, S., and Fang, B., A survey on access control in the age of internet of things, IEEE Internet Things J., 2020, vol. 7, no. 6, pp. 4682–4696. https://doi.org/10.1109/jiot.2020.2969326

    Article  Google Scholar 

  11. Hu, V.C., Kuhn, D.R., and Ferraiolo, D.F., Access control for emerging distributed systems, Computer, 2018, vol. 51, no. 10, pp. 100–103. https://doi.org/10.1109/mc.2018.3971347

    Article  Google Scholar 

  12. Colombo, P. and Ferrari, E., Access control in the era of big data: State of the art and research directions, Proc. 23nd ACM on Symp. on Access Control Models and Technologies, Indianopolis, Ind., 2018, New York: Association for Computing Machinery, 2018, pp. 185–192. https://doi.org/10.1145/3205977.3205998

  13. Aedo, I., Díaz, P., and Sanz, D., An RBAC model-based approach to specify the access policies of web-based emergency information systems, Int. J. Intell. Control Syst., 2006, vol. 11, no. 4, pp. 272–283.

    Google Scholar 

  14. Pandey, S. and Maurya, S., Big data security management through task role based access control mechanism, 2nd Int. Conf. for Innovation in Technology (INOCON), Bangalore, India, 2023, IEEE, 2023, pp. 1–6. https://doi.org/10.1109/inocon57975.2023.10101117

  15. Gupta, M., Patwa, F., and Sandhu, R., Object-tagged RBAC model for the Hadoop ecosystem, Data and Applications Security and Privacy XXXI, Livraga, G. and Zhu, S., Eds., Lecture Notes in Computer Science, vol. 10359, Cham: Springer, 2017, pp. 63–81. https://doi.org/10.1007/978-3-319-61176-1_4

    Book  Google Scholar 

  16. Gupta, A., Pandhi, K., Bindu, P.V., and Thilagam, P.S., Role and access based data segregator for security of big data, Procedia Technol., 2016, vol. 24, pp. 1550–1557. https://doi.org/10.1016/j.protcy.2016.05.130

    Article  Google Scholar 

  17. Asghar, M.R., Ion, M., Russello, G., and Crispo, B., ESPOONERBAC: Enforcing security policies in outsourced environments, Comput. Secur., 2013, vol. 35, pp. 2–24. https://doi.org/10.1016/j.cose.2012.11.010

    Article  Google Scholar 

  18. Servos, D. and Osborn, S.L., Current research and open problems in attribute-based access control, ACM Comput. Surv., 2017, vol. 49, no. 4, pp. 1–45. https://doi.org/10.1145/3007204

    Article  Google Scholar 

  19. Zeng, W., Yang, Yu., and Luo, B., Content-based access control: Use data content to assist access control for large-scale content-centric databases, 2014 IEEE Int. Conf. on Big Data (Big Data), Washingron, D.C., 2014, IEEE, 2014, pp. 701–710. https://doi.org/10.1109/bigdata.2014.7004294

  20. El Haourani, L., Elkalam, A.A., and Ouahman, A.A., Knowledge based access control a model for security and privacy in the big data, Proc. 3rd Int. Conf. on Smart City Applications, Tetouan, Morocco, 2018, New York: Association for Computing Machinery, 2018, p. 16. https://doi.org/10.1145/3286606.3286793

  21. Thakare, A., Lee, E., Kumar, A., Nikam, V.B., and Kim, Yo.-G., PARBAC: Priority-attribute-based RBAC model for azure IoT cloud, IEEE Internet Things J., 2020, vol. 7, no. 4, pp. 2890–2900. https://doi.org/10.1109/jiot.2019.2963794

    Article  Google Scholar 

  22. Poltavtsev, A.A., Khabarov, A.R., and Selyankin, A.O., Inference attacks and information security in databases, Autom. Control Comput. Sci., 2020, vol. 54, no. 8, pp. 829–833. https://doi.org/10.3103/S0146411620080271

    Article  Google Scholar 

Download references

Funding

The study was supported by the grant of Russian Science Foundation no. 23-11-20003, https://rscf.ru/project/23-11-20003/; grant of St. Petersburg Science Foundation (agreement no. 23-11-20003 on the regional grant).

Author information

Authors and Affiliations

  1. Peter the Great St. Petersburg Polytechnic University, 195251, St. Petersburg, Russia

    M. A. Poltavtseva, D. V. Ivanov & E. V. Zavadskii

Authors
  1. M. A. Poltavtseva
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. D. V. Ivanov
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. E. V. Zavadskii
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. A. Poltavtseva.

Ethics declarations

The authors of this work declare that they have no conflicts of interest.

Additional information

Translated by S. Kuznetsov

Publisher’s Note.

Allerton Press remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Poltavtseva, M.A., Ivanov, D.V. & Zavadskii, E.V. Framework for Modeling Security Policies of Big Data Processing Systems. Aut. Control Comp. Sci. 57, 1063–1070 (2023). https://doi.org/10.3103/S0146411623080254

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411623080254

Keywords:

Search

Navigation