Abstract
This paper studies automatizing the analysis of access control in big data management systems by modeling security policies. It analyzes modern methods of ensuring access control in this class of systems, determines the respective requirements, and chooses the most advanced method for describing security policies as part of the solution in development. The task of modeling security policies in big data management systems is formulated. The architecture, the main components, and the general operating algorithm of the software framework for solving the task, as well as the experimental validation results, are presented. The strengths and weaknesses of the framework are assessed and ways for its further upgrade suggested.
REFERENCES
Turkanović, M., Družovec, T.W., and Hölbl, M., Inference attacks and control on database structures, TEM J., 2015, vol. 4, no. 1, pp. 3–15.
Poltavtseva, M.A., Evolution of data management systems and their security, 2019 Int. Conf. on Engineering Technologies and Computer Science (EnT), Moscow, 2019, IEEE, 2019, pp. 25–29. https://doi.org/10.1109/ent.2019.00010
Gray, P., Logic, Algebra and Databases, John Wiley & Sons, 1989.
Tsichritzis, D.C. and Lochovsky, F.H., Data Models, Prentice Hall, 1982.
Colombo, P. and Ferrari, E., Access control technologies for big data management systems: Literature review and future trends, Cybersecurity, 2019, vol. 2, no. 1. https://doi.org/10.1186/s42400-018-0020-9
Poltavtseva, M.A., Zegzhda, D.P., and Kalinin, M.O., Role of universal model of heterogeneous data in security of big data management systems, Metody Tekh. Sredstva Obespecheniya Bezop. Inf., 2023, no. 32, pp. 43–44.
Konoplev, A.S., Busygin, A.G., and Zegzhda, D.P., A blockchain decentralized public key infrastructure model, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1017–1021. https://doi.org/10.3103/s0146411618080175
Demidov, R.A., Pechenkin, A.I., Zegzhda, P.D., and Kalinin, M.O., Application model of modern artificial neural network methods for the analysis of information systems security, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 965–970. https://doi.org/10.3103/s0146411618080072
Zegzhda, D.P., Zegzhda, P.D., and Kalinin, M.O., Clarifying integrity control at the trusted information environment, Computer Network Security. MMM-ACNS 2010, Kotenko, I. and Skormin, V., Eds., Lecture Notes in Computer Science, vol. 6258, Berlin: Springer, 2010, pp. 337–344. https://doi.org/10.1007/978-3-642-14706-7_27
Qiu, J., Tian, Z., Du, C., Zuo, Q., Su, S., and Fang, B., A survey on access control in the age of internet of things, IEEE Internet Things J., 2020, vol. 7, no. 6, pp. 4682–4696. https://doi.org/10.1109/jiot.2020.2969326
Hu, V.C., Kuhn, D.R., and Ferraiolo, D.F., Access control for emerging distributed systems, Computer, 2018, vol. 51, no. 10, pp. 100–103. https://doi.org/10.1109/mc.2018.3971347
Colombo, P. and Ferrari, E., Access control in the era of big data: State of the art and research directions, Proc. 23nd ACM on Symp. on Access Control Models and Technologies, Indianopolis, Ind., 2018, New York: Association for Computing Machinery, 2018, pp. 185–192. https://doi.org/10.1145/3205977.3205998
Aedo, I., Díaz, P., and Sanz, D., An RBAC model-based approach to specify the access policies of web-based emergency information systems, Int. J. Intell. Control Syst., 2006, vol. 11, no. 4, pp. 272–283.
Pandey, S. and Maurya, S., Big data security management through task role based access control mechanism, 2nd Int. Conf. for Innovation in Technology (INOCON), Bangalore, India, 2023, IEEE, 2023, pp. 1–6. https://doi.org/10.1109/inocon57975.2023.10101117
Gupta, M., Patwa, F., and Sandhu, R., Object-tagged RBAC model for the Hadoop ecosystem, Data and Applications Security and Privacy XXXI, Livraga, G. and Zhu, S., Eds., Lecture Notes in Computer Science, vol. 10359, Cham: Springer, 2017, pp. 63–81. https://doi.org/10.1007/978-3-319-61176-1_4
Gupta, A., Pandhi, K., Bindu, P.V., and Thilagam, P.S., Role and access based data segregator for security of big data, Procedia Technol., 2016, vol. 24, pp. 1550–1557. https://doi.org/10.1016/j.protcy.2016.05.130
Asghar, M.R., Ion, M., Russello, G., and Crispo, B., ESPOONERBAC: Enforcing security policies in outsourced environments, Comput. Secur., 2013, vol. 35, pp. 2–24. https://doi.org/10.1016/j.cose.2012.11.010
Servos, D. and Osborn, S.L., Current research and open problems in attribute-based access control, ACM Comput. Surv., 2017, vol. 49, no. 4, pp. 1–45. https://doi.org/10.1145/3007204
Zeng, W., Yang, Yu., and Luo, B., Content-based access control: Use data content to assist access control for large-scale content-centric databases, 2014 IEEE Int. Conf. on Big Data (Big Data), Washingron, D.C., 2014, IEEE, 2014, pp. 701–710. https://doi.org/10.1109/bigdata.2014.7004294
El Haourani, L., Elkalam, A.A., and Ouahman, A.A., Knowledge based access control a model for security and privacy in the big data, Proc. 3rd Int. Conf. on Smart City Applications, Tetouan, Morocco, 2018, New York: Association for Computing Machinery, 2018, p. 16. https://doi.org/10.1145/3286606.3286793
Thakare, A., Lee, E., Kumar, A., Nikam, V.B., and Kim, Yo.-G., PARBAC: Priority-attribute-based RBAC model for azure IoT cloud, IEEE Internet Things J., 2020, vol. 7, no. 4, pp. 2890–2900. https://doi.org/10.1109/jiot.2019.2963794
Poltavtsev, A.A., Khabarov, A.R., and Selyankin, A.O., Inference attacks and information security in databases, Autom. Control Comput. Sci., 2020, vol. 54, no. 8, pp. 829–833. https://doi.org/10.3103/S0146411620080271
Funding
The study was supported by the grant of Russian Science Foundation no. 23-11-20003, https://rscf.ru/project/23-11-20003/; grant of St. Petersburg Science Foundation (agreement no. 23-11-20003 on the regional grant).
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
The authors of this work declare that they have no conflicts of interest.
Additional information
Translated by S. Kuznetsov
Publisher’s Note.
Allerton Press remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Poltavtseva, M.A., Ivanov, D.V. & Zavadskii, E.V. Framework for Modeling Security Policies of Big Data Processing Systems. Aut. Control Comp. Sci. 57, 1063–1070 (2023). https://doi.org/10.3103/S0146411623080254
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411623080254