Program analysis for secure big data processing

Stephen, Julian James; Savvides, Savvas; Seidel, Russell; Eugster, Patrick

doi:10.1145/2642937.2643006

Cited by 9 publications

(5 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Stephen et al [16] proposed a method with program analysis to find security threats in MapReduce code. Geyer et al [17] on the other hand proposed a security framework for processing big data in distributed environment.…”

Section: Enhancing Mapreduce Layer For Big Data Privacymentioning

confidence: 99%

Integrated Security and Privacy Framework for Big Data in Hadoop MapReduce Framework

Sirisha¹

2021

TURCOMAT

View full text Add to dashboard Cite

Public cloud infrastructure is widely used by enterprises to store and process big data. Cloud and its distributed computing phenomena not only provides scalable, available and affordable solution for storage and compute services but also raises security concerns. Many security solutions that came into existence encrypt data and allow accessing plaintext for data analytics in the confines of secure hardware. However, the fact remains that the large volumes of data is processed in distributed environment involving hundreds of commodity machines. There exist numerous communications between machines in MapReduce computing model. In the process, compromised MapReduce machines or functions are vulnerable to query based inference attacks on big data that lead to leakage of sensitive information. The main focus of this paper is to overcome the problem aforementioned. Towards this end, a methodology is proposed with an underlying algorithm for defeating query based inference attacks on big data in Hadoop. The proposed algorithm is known as Multi-Model Defence Against Query Based Inference Attacks (MMD-QBIA). A realistic attack model is considered for validating the effectiveness of the proposed methodology. Then an integrated framework for security and privacy to big data is evaluated. Cloudera Distribution Hadoop (CDH) is the environment used for empirical study. The experimental results revealed that the proposed solution prevents different kinds of query based inference attacks on big data besides security to big data in Hadoop MapReduce framework.

show abstract

Section: Enhancing Mapreduce Layer For Big Data Privacymentioning

confidence: 99%

Integrated Security and Privacy Framework for Big Data in Hadoop MapReduce Framework

Sirisha¹

2021

TURCOMAT

View full text Add to dashboard Cite

show abstract

“…Other authors' research is focused on how to process data that is already encrypted. One paper, for example, explains a technique with which to analyse and programme transformations with PigLatin in the case of encrypted data [38].…”

Section: Cryptographymentioning

confidence: 99%

Main Issues in Big Data Security

2016

View full text Add to dashboard Cite

Data is currently one of the most important assets for companies in every field. The continuous growth in the importance and volume of data has created a new problem: it cannot be handled by traditional analysis techniques. This problem was, therefore, solved through the creation of a new paradigm: Big Data. However, Big Data originated new issues related not only to the volume or the variety of the data, but also to data security and privacy. In order to obtain a full perspective of the problem, we decided to carry out an investigation with the objective of highlighting the main issues regarding Big Data security, and also the solutions proposed by the scientific community to solve them. In this paper, we explain the results obtained after applying a systematic mapping study to security in the Big Data ecosystem. It is almost impossible to carry out detailed research into the entire topic of security, and the outcome of this research is, therefore, a big picture of the main problems related to security in a Big Data system, along with the principal solutions to them proposed by the research community.

show abstract

“…STYX derives this from program annotations in each vertex class in the graph. Once STYX derives the distinct streams and operations to be performed on those streams, we can proceed similarly as in our prior work [34] to infer the crypto systems required to execute the graph.…”

Section: Processing Secure Streamsmentioning

confidence: 99%

“…There can also be a mismatch between parent and child operator nodes if they do not belong to the same crypto system. In this case (unlike in [34]) a reencryption operator is inserted in between, which converts the stream from one crypto system to the other. These reencryption nodes are marked to be executed on the trusted tier so that the scheduler can place the tasks correctly.…”

Section: Processing Secure Streamsmentioning

confidence: 99%

Styx

Stephen

Savvides

Sundaram³

et al. 2016

Proceedings of the Seventh ACM Symposium on Cloud Computing

Self Cite

View full text Add to dashboard Cite

With the advent of the Internet of Things (IoT), billions of devices are expected to continuously collect and process sensitive data (e.g., location, personal health). Due to limited computational capacity available on IoT devices, the current de facto model for building IoT applications is to send the gathered data to the cloud for computation. While private cloud infrastructures for handling large amounts of data streams are expensive to build, using low cost public (untrusted) cloud infrastructures for processing continuous queries including on sensitive data leads to concerns over data confidentiality. This paper presents STYX, a novel programming abstraction and managed runtime system, that ensures confidentiality of IoT applications whilst leveraging the public cloud for continuous query processing. The key idea is to intelligently utilize partially homomorphic encryption to perform as many computationally intensive operations as possible in the untrusted cloud. STYX provides a simple abstraction to the IoT developer to hide the complexities of (1) applying complex cryptographic primitives, (2) reasoning about performance of such primitives, (3) deciding which computations can be executed in an untrusted tier, and (4) optimizing * cloud resource usage. An empirical evaluation with benchmarks and case studies shows the feasibility of our approach.

show abstract

Program analysis for secure big data processing

Cited by 9 publications

References 24 publications

Integrated Security and Privacy Framework for Big Data in Hadoop MapReduce Framework

Integrated Security and Privacy Framework for Big Data in Hadoop MapReduce Framework

Main Issues in Big Data Security

Styx

Contact Info

Product

Resources

About