100 likes | 116 Vues
Current Security Threats and Prevention Measures Relating to Cloud Services, Hadoop Concurrent Processing, and Big Data. Ather Sharif, Sarah Cooney, Shengqi gong, drew Vitek Department of computer science Saint Joseph’s university. Introduction and Motivation.
E N D
Current Security Threats and Prevention Measures Relating to Cloud Services, Hadoop Concurrent Processing, and Big Data Ather Sharif, Sarah Cooney, Shengqi gong, drew Vitek Department of computer science Saint Joseph’s university
Introduction and Motivation • “Big Data” has become a buzzword in almost every industry • Cloud based services are becoming increasingly popular for data storage and analysis • Massive data breaches are still all too common • The security of cloud services is very much reliant on the measures taken by the service provider • As future computer scientists, we feel that knowledge of Big Data and Cloud security measures is invaluable.
Cloud Services • In 2013 50% of US businesses were using some type of cloud service • “Notorious Nine Cloud Computing Threats” • Abuse of Cloud Services • Account or Service Traffic Hijacking • Data Breaches • Data Loss • Denial of Service • Insecure Interfaces and APIs • Insufficient Due Diligence • Malicious Insiders • Shared Technology Vulnerabilities
Verizon Cloud Security • 4 Layered Approach… Base Security Logical Security Value Added Security Governance Risk & Compliance
Big Data • In general, security risks associated with Big Data can be categorized by three V’s… • Volume… • Velocity… • Variety…
Theoretical Sticky Policy Framework Proposed by S. Li, T. Zhang, J. Gao, and Y. Park Based on the EnCoRe project Data Center Domain versus Trusted Authority Domain
Inside the Trusted Authority Domain • Identity and Key Management Engine • Policy Engine • Policy Portal • Policy Controller • Policy Negotiation Component • Policy Update Component • Enforcement Component • Policy Store
Hadoop • Security Vulnerabilities in the Cloud Based System • Difficult to locate and track the node holding a specific file chunk • Chunk Stealing • Chunk Injection
Twilio • Implementation of Hadoop via Amazon cloud services • Access Control Based on: • Job Roles • Bucket Policies • Access Control Lists • Physical Security Measures • Third Party Penetration Testing Every 6 Months • Safe Harbor Compliance
Conclusion With the continued increase in available data and growth in the use of cloud services, knowledge of how to secure these systems is imperative for any computer science professional, and will provide continued opportunity for jobs and research as we leave school to enter the professional world.