Skip to main content
SpringerLink
Log in

An Attribute-Based Fine-Grained Access Control Mechanism for HBase

  • Conference paper
  • First Online:
Database and Expert Systems Applications (DEXA 2019)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11706))

Included in the following conference series:

Abstract

In the current age of big data, the access control mechanism of HBase, a kind of NoSQL big data management system, needs to be improved, because there are some limitations of Role-Based Access Control (RBAC) in HBase. The coarse-grained access permissions produce little effect in many cases, and the elements used for authorization are not comprehensive enough. Attribute-Based Access Control (ABAC) is suitable for the authorization of NoSQL data storages due to its flexibility. However, it has not been investigated in HBase deeply. The objective of this paper is to study the data access control in HBase and to develop an ABAC-based mechanism for the security of HBase data. In light of the wide column feature of HBase, an Attribute-Based Fine-Grained Access Control mechanism (AGAC) is proposed, which covers two aspects, users’ atomic operations and five granularity levels. When a user needs to access data in HBase storage, the AGAC will give the permission or deny by verifying user’s atomic operations and by analyzing user’s attributes according to the access control policies related to the data granularity level. This access control mechanism is verified on publically available email dataset and is proven to be effective to improve the access control capability of HBase.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Apache HBase™ Reference Guide. http://hbase.apache.org/book.html. Accessed 20 Feb 2019

  2. Hu, V.C., Kuhn, D.R., Ferraiolo, D.F.: Attribute-based access control. Computer 48(2), 85–88 (2015)

    Article  Google Scholar 

  3. Colombo, P., Ferrari, E.: Towards a unifying attribute based access control approach for NoSQL datastores. In: Proceedings of the IEEE 33rd International Conference on Data Engineering, pp. 709–720. IEEE Computer Society, San Diego (2017)

    Google Scholar 

  4. Colombo, P., Ferrari, E.: Access control technologies for Big Data management systems: literature review and future trends. Cybersecurity 2(1), 3 (2019)

    Article  Google Scholar 

  5. Colombo, P., Ferrari, E.: Access control in the era of big data: state of the art and research directions. In: Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies, pp. 185–192. ACM, Indianapolis (2018)

    Google Scholar 

  6. Ong, K.W., Papakonstantinou, Y., Vernoux, R.: The SQL++ unifying semi-structured query language, and an expressiveness benchmark of SQL-on-Hadoop, NoSQL and NewSQL databases. Comput. Sci. CoRR, abs/1405.3631 (2014)

    Google Scholar 

  7. Kulkarni, D.: A fine-grained access control model for key-value systems. In: Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy, pp. 161–163. ACM, San Antonio (2013)

    Google Scholar 

  8. Longstaff, J., Noble, J.: Attribute based access control for big data applications by query modification. In: Proceedings of the IEEE Second International Conference on Big Data Computing Service and Applications, pp. 58–65, IEEE, Oxford (2016)

    Google Scholar 

  9. Lai, Y.Y., Qian, Q.: HBase fine grained access control with extended permissions and inheritable roles. In: Proceedings of the 2015 IEEE/ACIS 16th International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, pp. 181–185, IEEE, Takamatsu (2015)

    Google Scholar 

  10. Colombo, P., Ferrari, E.: Towards virtual private NoSQL datastores. In: Proceedings of the 32nd IEEE International Conference on Data Engineering, pp. 193–204, IEEE, Helsinki (2016)

    Google Scholar 

  11. Colombo, P., Ferrari, E.: Enhancing MongoDB with purpose based access control. IEEE Trans. Dependable Secure Comput. 14(6), 591–604 (2017)

    Article  Google Scholar 

  12. Colombo, P., Ferrari, E.: Fine-grained access control within NoSQL document-oriented datastores. Data Sci. Eng. 1(3), 127–138 (2016)

    Article  Google Scholar 

  13. Huang, L.Q., Zhu, Y., Tao, X.: Research on fine-grained access control method based on HBase. Appl. Res. Comput. (2019). https://doi.org/10.19734/j.issn.1001-3695.2018.08.0648. (In Chinese)

  14. Flexible XML framework for Java. https://dom4j.github.io/. Accessed 20 Feb 2019

  15. Klimt, B., Yang, Y.: The enron corpus: a new dataset for email classification research. In: Boulicaut, J.-F., Esposito, F., Giannotti, F., Pedreschi, D. (eds.) ECML 2004. LNCS (LNAI), vol. 3201, pp. 217–226. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30115-8_22

    Chapter  Google Scholar 

  16. DB-Engines Ranking. https://db-engines.com/en/ranking. Accessed 20 Feb 2019

Download references

Acknowledgement

This work is supported by the Sichuan Science and Technology Program (No 2019YFSY0032).

Author information

Authors and Affiliations

  1. Southwest Jiaotong University, Chengdu, 611756, China

    Liangqiang Huang, Yan Zhu, Xin Wang & Faisal Khurshid

Authors
  1. Liangqiang Huang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yan Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Faisal Khurshid
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yan Zhu .

Editor information

Editors and Affiliations

  1. Clausthal University of Technology, Clausthal-Zellerfeld, Germany

    Sven Hartmann

  2. Johannes Kepler University of Linz, Linz, Austria

    Josef Küng

  3. The University of Texas at Arlington, Arlington, TX, USA

    Sharma Chakravarthy

  4. Johannes Kepler University of Linz, Linz, Austria

    Gabriele Anderst-Kotsis

  5. Software Competence Center Hagenberg, Hagenberg im Mühlkreis, Austria

    A Min Tjoa

  6. Johannes Kepler University of Linz, Linz, Austria

    Ismail Khalil

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Huang, L., Zhu, Y., Wang, X., Khurshid, F. (2019). An Attribute-Based Fine-Grained Access Control Mechanism for HBase. In: Hartmann, S., Küng, J., Chakravarthy, S., Anderst-Kotsis, G., Tjoa, A., Khalil, I. (eds) Database and Expert Systems Applications. DEXA 2019. Lecture Notes in Computer Science(), vol 11706. Springer, Cham. https://doi.org/10.1007/978-3-030-27615-7_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-27615-7_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-27614-0

  • Online ISBN: 978-3-030-27615-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation