21,813 research outputs found
Attribute Based Access Control for Big Data Applications by Query Modification
We present concepts which can be used for the efficient implementation of Attribute Based Access Control (ABAC) in large applications using maybe several data storage technologies, including Hadoop, NoSQL and relational database systems. The ABAC authorization process takes place in two main stages. Firstly a sequence of permissions is derived which specifies permitted data to be retrieved for the user's transaction. Secondly, query modification is used to augment the user's transaction with code which implements the ABAC controls. This requires the storage technologies to support a high-level language such as SQL or similar. The modified user transactions are then optimized and processed using the full functionality of the underlying storage systems. We use an extended ABAC model (TCM2) which handles negative permissions and overrides in a single permissions processing mechanism. We illustrate these concepts using a compelling electronic health records scenario
Experimental Study of the Cloud Architecture Selection for Effective Big Data Processing
Big data dictate their requirements to the hardware and software. Simple
migration to the cloud data processing, while solving the problem of increasing
computational capabilities, however creates some issues: the need to ensure the
safety, the need to control the quality during data transmission, the need to
optimize requests. Computational cloud does not simply provide scalable
resources but also requires network infrastructure, unknown routes and the
number of user requests. In addition, during functioning situation can occur,
in which you need to change the architecture of the application - part of the
data needs to be placed in a private cloud, part in a public cloud, part stays
on the client
Link Before You Share: Managing Privacy Policies through Blockchain
With the advent of numerous online content providers, utilities and
applications, each with their own specific version of privacy policies and its
associated overhead, it is becoming increasingly difficult for concerned users
to manage and track the confidential information that they share with the
providers. Users consent to providers to gather and share their Personally
Identifiable Information (PII). We have developed a novel framework to
automatically track details about how a users' PII data is stored, used and
shared by the provider. We have integrated our Data Privacy ontology with the
properties of blockchain, to develop an automated access control and audit
mechanism that enforces users' data privacy policies when sharing their data
across third parties. We have also validated this framework by implementing a
working system LinkShare. In this paper, we describe our framework on detail
along with the LinkShare system. Our approach can be adopted by Big Data users
to automatically apply their privacy policy on data operations and track the
flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on
Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE
International Conference on Big Data (IEEE BigData 2017) December 14, 2017,
Boston, MA, US
- …