Ajit Gaddam
ajit@root777.com
Abstract
Security and privacy issues are magnified by the volume,
variety, and velocity of Big Data. The diversity of data
sources, formats, and data flows, combined with the
streaming nature of data acquisition and high data volumes,
creates unique security risks.
This paper details the security challenges that arise when
organizations start moving sensitive data to a Big Data
repository such as Hadoop. It identifies the different threat
models and the security control framework needed to address
and mitigate the security risks arising from the identified
threat conditions and usage models. The framework outlined in
this paper is also meant to be distribution agnostic.
Keywords: Hadoop, Big Data, enterprise, defense, risk, Big
Data Reference Framework, Security and Privacy, threat
model
Introduction
7. Is hardware agnostic
8. Is extensible where its basic capabilities can be
augmented and altered
2.1 Top 10 Security & Privacy Challenges
2.2
Data Management
Data Classification
Data Discovery
Data Tagging
Authorization
(datanode-to-namenode-to-other mgmt. nodes)
RBAC Authorization
Tokenization
Network Security
Packet Level Encryption
In Cluster (namenode-jobtracker-datanode)
SSL, TLS
Network Security Zoning
Security-Enhanced Linux (SELinux)
3.1 Data Management
Data Classification
Data Discovery
3.1.3
3.2.1
Data Tagging
3.2
3.3
RBAC Authorization
3.3.3
3.4 Network Security
3.4.1
3.4.2
3.5
Logging / Audit
3.5.2
Final Recommendations
References
[1] EMC Big Data 2020 Projects.
http://www.emc.com/leadership/digitaluniverse/iview/big-data-2020.htm
[2] NIST Special Publication 1500-1, NIST Big Data
Interoperability Framework: Volume 1, Definitions.
http://bigdatawg.nist.gov/_uploadfiles/M0392_v1_3022325181.pdf
Related Work
Conclusion