Abstract
Big data analytics allows to obtain valuable information from different data sources. It is important to maintain control of those data because unauthorised copies could be used by other entities or companies interested in them. Hadoop is widely used for processing large volumes of information and therefore is ideal for developing big data applications. Its security model focuses on the control within a cluster by preventing unauthorised users, or encrypting data distributed among nodes. Sometimes, data theft is carried out by personnel who have access to the system so they can skip most of the security features. In this paper, we present an extension to the Hadoop security model that lets control the information from the source, avoiding that data can be used by unauthorised users and improving corporative e-governance. We use an eToken with elliptic curve cryptography that performs a robust operation of the system and prevents from being falsified, duplicated or manipulated.
A.F. Díaz—This work has been partially supported by European Union FEDER and the Spanish Ministry of Economy and Competitiveness TIN2015-67020-P, FPA2015-65150-C3-3-P, and PROMEP/103.5/13/6475 UAEH-146.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Algorithms, key size and parameters report - 2014. ENISA (2016)
Apache hadoop (2016)
ATECC508A Atmel CryptoAutentication Device. Atmel (2016)
Cloudera Apache Hadoop. Cloudera (2016)
FIPS PUB 186–3. Digital Signature Standard (DSS). FIPS (2016)
Hadoop in secure mode. Apache (2016)
IEEE P1619/D16 Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices). IEEE (2016)
Intel Advanced Encryption Standard Instructions (AES-NI). Intel (2016)
NIST Spp. 800–56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography. NIST (2016)
What is Apache Hadoop? Hortonworks (2016)
Al-Kiswany, S., Gharaibeh, A., Santos-Neto, E., Yuan, G., Ripeanu, M.: Storegpu: exploiting graphics processing units to accelerate distributed storage systems. In: Parashar, M., Schwan, K., Weissman, J.B., Laforenza, D. (eds.), HPDC, pp. 165–174. ACM (2008)
Bhatotia, P., Rodrigues, R., Verma, A.: Shredder: Gpu-accelerated incremental storage and computation. In: Proceedings of the 10th USENIX Conference on File and Storage Technologies, FAST 2012, p. 14, Berkeley, CA, USA (2012). USENIX Association
Jam, M.R., Khanli, L.M., Javan, M.S., Akbari, M.K.: A survey on security of hadoop. In: 2014 4th International eConference on Computer and Knowledge Engineering (ICCKE), pp. 716–721, October 2014
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ecdsa) (2016)
Kadre, V., Chaturvedi, S.: Article: Aes - mr: A novel encryption scheme for securing data in hdfs environment using mapreduce. Int. J. Comput. Appl. 129(12), 12–19 (2015). Published by Foundation of Computer Science (FCS), NY, USA
Lakhe, B.: Practical Hadoop Security. Apress, Berkely (2014)
Lin, H.Y., Shen, Tzeng, W.G., Lin, B.S.P.: Toward data confidentiality via integrating hybrid encryption schemes and hadoop distributed file system. In: 2012 IEEE 26th International Conference on Advanced Information Networking and Applications (AINA), pp. 740–747, March 2012
Martin, L.: Xts: A mode of aes for encrypting hard disks. IEEE Secur. Priv. 8(3), 68–69 (2010)
Park, S., Lee, Y.: Secure hadoop with encrypted HDFS. In: Park, J.J.J.H., Arabnia, H.R., Kim, C., Shi, W., Gil, J.-M. (eds.) GPC 2013. LNCS, vol. 7861, pp. 134–141. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38027-3_14
Sun, W., Ricci, R., Curry, M.L.: Gpustore: Harnessing gpu computing for storage systems in the os kernel. In: Proceedings of the 5th Annual International Systems and Storage Conference, SYSTOR 2012, pp. 9: 1–9: 12. ACM, New York, NY, USA (2012)
Vanstone, S.: Responses to NISTs proposal. Commun. ACM 35, 50–52 (1992). ACM
Yang, C., Lin, W., Liu, M.: A novel triple encryption scheme for hadoop-based cloud data security. In: 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies (EIDWT), pp. 437–442, Sept 2013
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Díaz, A.F., Blokhin, I., Ortega, J., Palacios, R.H., Rodríguez-Quintana, C., Díaz-García, J. (2016). Secure Data Access in Hadoop Using Elliptic Curve Cryptography. In: Carretero, J., et al. Algorithms and Architectures for Parallel Processing. ICA3PP 2016. Lecture Notes in Computer Science(), vol 10049. Springer, Cham. https://doi.org/10.1007/978-3-319-49956-7_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-49956-7_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49955-0
Online ISBN: 978-3-319-49956-7
eBook Packages: Computer ScienceComputer Science (R0)