Secure Data Access in Hadoop Using Elliptic Curve Cryptography

  • Antonio F. DíazEmail author
  • Ilia Blokhin
  • Julio Ortega
  • Raúl H. Palacios
  • Cristina Rodríguez-Quintana
  • Juan Díaz-García
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10049)


Big data analytics allows to obtain valuable information from different data sources. It is important to maintain control of those data because unauthorised copies could be used by other entities or companies interested in them. Hadoop is widely used for processing large volumes of information and therefore is ideal for developing big data applications. Its security model focuses on the control within a cluster by preventing unauthorised users, or encrypting data distributed among nodes. Sometimes, data theft is carried out by personnel who have access to the system so they can skip most of the security features. In this paper, we present an extension to the Hadoop security model that lets control the information from the source, avoiding that data can be used by unauthorised users and improving corporative e-governance. We use an eToken with elliptic curve cryptography that performs a robust operation of the system and prevents from being falsified, duplicated or manipulated.


Hadoop Big data Security Elliptic curve cryptography 


  1. 1.
    Algorithms, key size and parameters report - 2014. ENISA (2016)Google Scholar
  2. 2.
    Apache hadoop (2016)Google Scholar
  3. 3.
    ATECC508A Atmel CryptoAutentication Device. Atmel (2016)Google Scholar
  4. 4.
    Cloudera Apache Hadoop. Cloudera (2016)Google Scholar
  5. 5.
    FIPS PUB 186–3. Digital Signature Standard (DSS). FIPS (2016)Google Scholar
  6. 6.
    Hadoop in secure mode. Apache (2016)Google Scholar
  7. 7.
    IEEE P1619/D16 Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices). IEEE (2016)Google Scholar
  8. 8.
    Intel Advanced Encryption Standard Instructions (AES-NI). Intel (2016)Google Scholar
  9. 9.
    NIST Spp. 800–56A Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography. NIST (2016)Google Scholar
  10. 10.
    What is Apache Hadoop? Hortonworks (2016)Google Scholar
  11. 11.
    Al-Kiswany, S., Gharaibeh, A., Santos-Neto, E., Yuan, G., Ripeanu, M.: Storegpu: exploiting graphics processing units to accelerate distributed storage systems. In: Parashar, M., Schwan, K., Weissman, J.B., Laforenza, D. (eds.), HPDC, pp. 165–174. ACM (2008)Google Scholar
  12. 12.
    Bhatotia, P., Rodrigues, R., Verma, A.: Shredder: Gpu-accelerated incremental storage and computation. In: Proceedings of the 10th USENIX Conference on File and Storage Technologies, FAST 2012, p. 14, Berkeley, CA, USA (2012). USENIX AssociationGoogle Scholar
  13. 13.
    Jam, M.R., Khanli, L.M., Javan, M.S., Akbari, M.K.: A survey on security of hadoop. In: 2014 4th International eConference on Computer and Knowledge Engineering (ICCKE), pp. 716–721, October 2014Google Scholar
  14. 14.
    Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ecdsa) (2016)Google Scholar
  15. 15.
    Kadre, V., Chaturvedi, S.: Article: Aes - mr: A novel encryption scheme for securing data in hdfs environment using mapreduce. Int. J. Comput. Appl. 129(12), 12–19 (2015). Published by Foundation of Computer Science (FCS), NY, USAGoogle Scholar
  16. 16.
    Lakhe, B.: Practical Hadoop Security. Apress, Berkely (2014)CrossRefGoogle Scholar
  17. 17.
    Lin, H.Y., Shen, Tzeng, W.G., Lin, B.S.P.: Toward data confidentiality via integrating hybrid encryption schemes and hadoop distributed file system. In: 2012 IEEE 26th International Conference on Advanced Information Networking and Applications (AINA), pp. 740–747, March 2012Google Scholar
  18. 18.
    Martin, L.: Xts: A mode of aes for encrypting hard disks. IEEE Secur. Priv. 8(3), 68–69 (2010)CrossRefGoogle Scholar
  19. 19.
    Park, S., Lee, Y.: Secure hadoop with encrypted HDFS. In: Park, J.J.J.H., Arabnia, H.R., Kim, C., Shi, W., Gil, J.-M. (eds.) GPC 2013. LNCS, vol. 7861, pp. 134–141. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-38027-3_14 CrossRefGoogle Scholar
  20. 20.
    Sun, W., Ricci, R., Curry, M.L.: Gpustore: Harnessing gpu computing for storage systems in the os kernel. In: Proceedings of the 5th Annual International Systems and Storage Conference, SYSTOR 2012, pp. 9: 1–9: 12. ACM, New York, NY, USA (2012)Google Scholar
  21. 21.
    Vanstone, S.: Responses to NISTs proposal. Commun. ACM 35, 50–52 (1992). ACMCrossRefGoogle Scholar
  22. 22.
    Yang, C., Lin, W., Liu, M.: A novel triple encryption scheme for hadoop-based cloud data security. In: 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies (EIDWT), pp. 437–442, Sept 2013Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Antonio F. Díaz
    • 1
    Email author
  • Ilia Blokhin
    • 1
  • Julio Ortega
    • 1
  • Raúl H. Palacios
    • 1
  • Cristina Rodríguez-Quintana
    • 1
  • Juan Díaz-García
    • 1
  1. 1.Department of Computer Architecture and TechnologyUniversity of Granada, Granada and Andalusian Health Service (SAS)GranadaSpain

Personalised recommendations