Abstract
Many applications, e.g., scientific computing, weather prediction, medical image processing, require the manipulation of large amounts of data. Analysis of web traffic, sales, travel, and all kinds of human activities can bring valuable insights for business and science [27]. This work has been done until now in large multiprocessors in the computer centers of large institutions, whose increasing power allows more and more aspects to be analyzed and with more detail [29]. Recently, the cloud has brought the possibility of processing and storing large amounts of data at a relatively low cost and from anywhere in the world. However, this wide accessibility increases the vulnerability of their systems and the emphasis on fast processing leads often to sacrificing security. We survey here the security implications of data intensive applications in the new environments. A more specific discussion, considering just clouds, is given in[35].
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
R. Anderson, Security Engineering (2 nd. Ed.), Wiley, 2008.
M. Anisetti, C.A. Ardagna, and E. Damiani, “Container-level security certification of services”, International Workshop on Business System Management and Engineering (BSME 2010).
P. Avgeriou, “Describing, instantiating and evaluating a reference architecture: A case study”, Enterprise Architecture Journal, June 2003.
D. Bayliss, HPCC systems: Aggregated data analysis: The paradigm shift”, Lexis Nexis white paper, May 2011, http://hpccsystems.com
F. Braz, E.B. Fernandez, and M. VanHilst, “Eliciting security requirements through misuse activities” Procs. of the 2nd Int. Workshop on Secure Systems Methodologies using Patterns (SPattern’08). Turin, Italy, September 1–5, 2008. 328–333.
R.E. Bryant, “Data intensive supercomputing”, Slide presentation, http://www.cs.cmu.edu/~bryant
S. Ceri, P. Fraternali, and M. Matera, “Conceptual modeling of data-intensive web applications”, IEEE Internet Computing, July-August 2002, 20–30.
R. Elmasri, and S. Navathe, Fundamentals of Database Systems, Sixth Edition. Pearson. 2010.
E.B. Fernandez, M.M. Larrondo-Petrie, T. Sorgente, and M. VanHilst, “A methodology to develop secure systems using patterns”, Chapter 5 in “Integrating security and software engineering: Advances and future vision”, H. Mouratidis and P. Giorgini (Eds.), IDEA Press, 2006, 107–126.
E.B. Fernandez, “Security patterns and a methodology to apply them”, in Security and Dependability for Ambient Intelligence, G. Spanoudakis and A. Maña (Eds.), Springer Verlag, 2009.
E.B. Fernandez, C. Marin, and M.M. Larrondo Petrie, “Security requirements for social networks in Web 2.0”, in the Handbook of Social Networks: Technologies and Applications, B. Furht (Editor), Springer 2010.
E.B. Fernandez, E. Gudes, and M. Olivier, The design of secure systems, Addison-Wesley, to appear.
E.B. Fernandez, Designing secure architectures using security patterns, under contract with J. Wiley. To appear in the Wiley Series on Software Design Patterns.
E.B. Fernandez and S. Mujica, “Model-based development of security requirements”, accepted for the CLEI (Latin-American Center for Informatics Studies) Journal.
I. Foster, J. Voeckler, M. Wilde, and Y. Zhao, “The Virtual Data Grid: A new model and architecture for data-intensive collaboration”, Proceedings of the 15th International Conference on Scientific and Statistical Database Management (SSDBM ’03), IEEE Computer Society, Washington, DC, USA, 2003.
I. Foster, Y. Zhao, I. Raicu, and S. Lu, “Cloud Computing and Grid Computing 360-Degree Compared”, CoRR, Vol. 0901, 2009.
D. Gollmann, Computer security (2 nd Ed.), Wiley, 2006.
Gorton, I., Greenfield, P., Szalay, A., & Williams, R. (2008). “Data-intensive computing in the 21st century”. IEEE Computer, 41(4), 30–32.
I. Gorton, “Software Architecture Challenges for Data Intensive Computing”, Procs. Seventh Working IEEE/IFIP Conference on Software Architecture, WICSA 2008, 4–6.
R.L. Grossman and Y. Gu, “On the varieties of clouds for data intensive computing”, Bull. of the IEEE Comp. Soc. Tech. Comm. on Data Eng., 209, 1–7. http://sites.computer.org/debull/A09mar/issue1.htm
A. Hameurlain, F. Morvan, and M. El Samad, “Large scale data management in grid systems: a survey”, Information and Communication Technologies: From Theory to Applications, ICTTA 2008. 1–6.
K. Hashizume, E.B. Fernandez, and N. Yoshioka, “Misuse patterns for cloud computing”, accepted for the Twenty-Third International Conference on Software Engineering and Knowledge Engineering (SEKE 2011), Miami Beach, USA, July 7–9, 2011.
Lexis Nexis HPCC, Data-Intensive Computing Solutions, http://wpc.423a.edgecastcdn.net/00423A/whitepapers/wp_data{\_}intensive{\_}computing{\_}solutions.pdf (last retrieved June 30, 2011).
N. Katic, G. Quirchmayr, J. Schiefer, M. Stolba and A. M. Tjoa. “A Prototype Model for Data Warehouse Security Based on Metadata”, Int. Workshop on Security and Integrity of Data Intensive Applications in conjunction with the 9th Int. Conf. on Database and Expert Systems Applications (DEXA’98), University of Vienna, Austria, 24–28 August, 1998.
B. Lang, I. Foster, F. Siebenlist, R. Ananthakrishnan, T. Freeman A Flexible Attribute Based Access Control Method for Grid Computing 2009 GSC.
J. Legrand et al., “Monitoring and control of large systems with MonALISA”, Comm. of the ACM, vol. 52, No 9, Sept. 2009, 49–55.
S. Lohr, “New ways to exploit raw data may bring surge of innovation, a study says”, The New York Times, Friday, May 13, 2011, B3.
A. Manjhi, A. Ailamaki, B.M. Maggs, T.C. Mowry, C. Olston, and A. Tomasic “Simultaneous scalability and security for data intensive web applications”, Procs. of SIGMOD 2006, June 27–29, 2006, Chicago, Illinois, USA.
J. Markoff, “Digging deeper, seeing farther: Supercomputers alter science”, The New York Times, Tuesday, April 26, 2011, D1and D3.
C. Mattmann, D. Crichton, J. S. Hughes, S.C. Kelly, and P. M. Ramirez, “Software architecture for large-scale, distributed, data-intensive systems”, Procs. of the4 th Working IEEE/IFIP Conf. on Software Architecture (WICSA’4). Osto, Norway, June 2004.
C. Mattmann, D. Crichton, N. Medvidovic and S. Hughes, “A Software Architecture-Based Framework for Highly Distributed and Data Intensive Scientific Applications”. In Proceedings of the 28th International Conference on Software Engineering (ICSE06), pp. 721–730, Shanghai, China, May 20th-28th, 2006.
C. Mattmann, D. Crichton, A. Hart, S. Kelly, and J.S. Hughes, “Experiments with Storage and Preservation of NASA’s Planetary Data via the Cloud”, IEEE IT Professional – Special Theme on Cloud Computing, Vol. 12, No. 5, September/October, 2010, 28–35.
D. McCreary and D. McKnight, The CIO’s guide to NoSQL, http://www.Dataversity.net
C. Miceli et al., “Programming abstractions for data intensive computing on clouds and grids”, Procs. 9 th IEEE/ACM Int. Symp. on Cluster Computing and the Grid, 2009, 478–483.
A. Nourian, M. Maheswaran, and M. Pourzandi, “Privacy and Security Requirements of Data Intensive Applications in Clouds”, Chapter 20, this book.
P. Patel, A. Ranabahu, and A. Sheth, “Service Level Agreement in Cloud Computing”, Cloud Workshops at OOPSLA, 2009.
I. Roy, S.T.V. Setty, A. Kilzer, V. Shmatikov, and E. Witchel, Airavat: Security and Privacy for MapReduce http://www.cs.utexas.edu/~shmat/shmat_nsdi10.pdf
J. Schlesinger, “Cloud security in MapReduce: An analysis”, http://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-jason_schlesinger-cloud{\_{security.pdf
F. Siebenlist, R. Ananthakrishnan, D.E. Bernholdt, L. Cinquini, I.T. Foster, DE Middleton, and N. Miller, DN Williams Enhancing the earth system grid security infrastructure through single sign-on and autoprovisioning Proceeding GCE ’09 Proceedings of the 5th Grid Computing Environments Workshop ACM New York, NY, USA © 2009.
S. Singh et al., “A metadata catalog service for data intensive applications”, Procs. ACM/IEEE Sc 2003 Conference, ACM 2003.
A. Singh, M. Srivatsa, and L. Liu, “Efficient and secure search of enterprise file systems”, Procs. of WWW 2007, May 2007, Banff, CA.
M. Stonebraker, “SciDB: An Open Source Data Base Project “, presentation 2008.
R. Villarroel, E. Fernandez-Medina, M. Piattini, and J. Trujillo, “A UML 2.0/OCL Extension for Designing Secure Data Warehouses”, Journal of Research and Practice in Information Technology, Vol. 38, No. 1, February 2006, 31–43.
X. Wei et al., GDIA: A Scalable Grid Infrastructure for Data Intensive Applications, in Int Conf. on Hybrid Information Technology, 2006. ICHIT ’06. Nov. 2006.
B. Zhou and J. Pei, Privacy Preserving Data Mining and Social Computing in Large-Scale Social Networks, chapter 13 of this book.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Fernandez, E.B. (2011). Security in Data Intensive Computing Systems. In: Furht, B., Escalante, A. (eds) Handbook of Data Intensive Computing. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-1415-5_16
Download citation
DOI: https://doi.org/10.1007/978-1-4614-1415-5_16
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-1414-8
Online ISBN: 978-1-4614-1415-5
eBook Packages: Computer ScienceComputer Science (R0)