2,725 research outputs found
Security and Privacy Issues of Big Data
This chapter revises the most important aspects in how computing
infrastructures should be configured and intelligently managed to fulfill the
most notably security aspects required by Big Data applications. One of them is
privacy. It is a pertinent aspect to be addressed because users share more and
more personal data and content through their devices and computers to social
networks and public clouds. So, a secure framework to social networks is a very
hot topic research. This last topic is addressed in one of the two sections of
the current chapter with case studies. In addition, the traditional mechanisms
to support security such as firewalls and demilitarized zones are not suitable
to be applied in computing systems to support Big Data. SDN is an emergent
management solution that could become a convenient mechanism to implement
security in Big Data systems, as we show through a second case study at the end
of the chapter. This also discusses current relevant work and identifies open
issues.Comment: In book Handbook of Research on Trends and Future Directions in Big
Data and Web Intelligence, IGI Global, 201
AdSplit: Separating smartphone advertising from applications
A wide variety of smartphone applications today rely on third-party
advertising services, which provide libraries that are linked into the hosting
application. This situation is undesirable for both the application author and
the advertiser. Advertising libraries require additional permissions, resulting
in additional permission requests to users. Likewise, a malicious application
could simulate the behavior of the advertising library, forging the user's
interaction and effectively stealing money from the advertiser. This paper
describes AdSplit, where we extended Android to allow an application and its
advertising to run as separate processes, under separate user-ids, eliminating
the need for applications to request permissions on behalf of their advertising
libraries.
We also leverage mechanisms from Quire to allow the remote server to validate
the authenticity of client-side behavior. In this paper, we quantify the degree
of permission bloat caused by advertising, with a study of thousands of
downloaded apps. AdSplit automatically recompiles apps to extract their ad
services, and we measure minimal runtime overhead. We also observe that most ad
libraries just embed an HTML widget within and describe how AdSplit can be
designed with this in mind to avoid any need for ads to have native code
Recommended from our members
Preliminary Design of the SAFE Platform
SAFE is a clean-slate design for a secure host architecture. It integrates advances in programming languages, operating systems, and hardware and incorporates formal methods at every step. Though the project is still at an early stage, we have assembled a set of basic architectural choices that we believe will yield a high-assurance system. We sketch the current state of the design and discuss several of these choices.Engineering and Applied Science
Constructing provenance-aware distributed systems with data propagation
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2010.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Cataloged from student submitted PDF version of thesis.Includes bibliographical references (p. 93-96).Is it possible to construct a heterogeneous distributed computing architecture capable of solving interesting complex problems? Can we easily use this architecture to maintain a detailed history or provenance of the data processed by it? Most existing distributed architectures can perform only one operation at a time. While they are capable of tracing possession of data, these architectures do not always track the network of operations used to synthesize new data. This thesis presents a distributed implementation of data propagation, a computational model that provides for concurrent processing that is not constrained to a single distributed operation. This system is capable of distributing computation across a heterogeneous network. It allows for the division of multiple simultaneous operations in a single distributed system. I also identify four constraints that may be placed on general-purpose data propagation to allow for deterministic computation in such a distributed propagation network. This thesis also presents an application of distributed propagation by illustrating how a generic transformation may be applied to existing propagator networks to allow for the maintenance of data provenance. I show that the modular structure of data propagation permits the simple modification of a propagator network design to maintain the histories of data.by Ian Campbell Jacobi.S.M
- …