Mechanisms and techniques to enhance the security of big data analytic framework with MongoDB and Linux Containers

IF 2.3 Q2 COMPUTER SCIENCE, THEORY & METHODS Array Pub Date : 2022-09-01 DOI:10.1016/j.array.2022.100236
Akalanka Mailewa , Susan Mengel , Lisa Gittner , Hafiz Khan
{"title":"Mechanisms and techniques to enhance the security of big data analytic framework with MongoDB and Linux Containers","authors":"Akalanka Mailewa ,&nbsp;Susan Mengel ,&nbsp;Lisa Gittner ,&nbsp;Hafiz Khan","doi":"10.1016/j.array.2022.100236","DOIUrl":null,"url":null,"abstract":"<div><p>The frequency and scale of unauthorized access cases and misuses of data access privileges are a growing concern of many organizations. The protection of confidential data, such as social security numbers, financial information, etc., of the customers and/or employees is among the key responsibilities of any organization, and damage to such sensitive data can easily pose a threat to the future of a business and the security of the customers. Therefore, this paper proposes and implements some security mechanisms and techniques, such as secure authentication, secure authorization, and encryption, to assure the overall security of a big data analytic framework with MongoDB free community edition. This paper presents the fourth phase of our continuous research where in the first phase we proposed a data analytic framework with MongoDB and Linux Containers (LXCs) with basic security requirements. Next, in the second phase we proposed a vulnerability analysis testbed to find vulnerabilities associated with the system. Finally, in the third phase we discussed in detail root causes and some prevention techniques of vulnerabilities found in the system. In addition, this paper introduces a new security mechanism for privacy preserving data handling with MongoDB to ensure the privacy of the data before being processed. Our results show, with our initial model of the analytic framework, how well our newly introduced security mechanisms work and how these security mechanisms and techniques can be used to assure the confidentiality, integrity, and availability (CIA) of any data science project conducted on our proposed analytic framework. In addition, these security mechanisms and techniques help us to strengthen the current system against zero-day attacks where attacks on vulnerabilities that have not been patched or made public yet. Therefore, our vulnerability analysis testbed which is proposed in the second phase of this research will not be able to finds vulnerabilities related to zero-day attacks.</p></div>","PeriodicalId":8417,"journal":{"name":"Array","volume":"15 ","pages":"Article 100236"},"PeriodicalIF":2.3000,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S259000562200073X/pdfft?md5=9f51815b652b7bb9179c0c3a886fec36&pid=1-s2.0-S259000562200073X-main.pdf","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Array","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S259000562200073X","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 3

Abstract

The frequency and scale of unauthorized access cases and misuses of data access privileges are a growing concern of many organizations. The protection of confidential data, such as social security numbers, financial information, etc., of the customers and/or employees is among the key responsibilities of any organization, and damage to such sensitive data can easily pose a threat to the future of a business and the security of the customers. Therefore, this paper proposes and implements some security mechanisms and techniques, such as secure authentication, secure authorization, and encryption, to assure the overall security of a big data analytic framework with MongoDB free community edition. This paper presents the fourth phase of our continuous research where in the first phase we proposed a data analytic framework with MongoDB and Linux Containers (LXCs) with basic security requirements. Next, in the second phase we proposed a vulnerability analysis testbed to find vulnerabilities associated with the system. Finally, in the third phase we discussed in detail root causes and some prevention techniques of vulnerabilities found in the system. In addition, this paper introduces a new security mechanism for privacy preserving data handling with MongoDB to ensure the privacy of the data before being processed. Our results show, with our initial model of the analytic framework, how well our newly introduced security mechanisms work and how these security mechanisms and techniques can be used to assure the confidentiality, integrity, and availability (CIA) of any data science project conducted on our proposed analytic framework. In addition, these security mechanisms and techniques help us to strengthen the current system against zero-day attacks where attacks on vulnerabilities that have not been patched or made public yet. Therefore, our vulnerability analysis testbed which is proposed in the second phase of this research will not be able to finds vulnerabilities related to zero-day attacks.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
利用MongoDB和Linux容器增强大数据分析框架安全性的机制和技术
未经授权访问案例的频率和规模以及数据访问权限的滥用是许多组织日益关注的问题。保护客户和/或员工的机密数据,如社会安全号码、财务信息等,是任何组织的主要责任之一,对这些敏感数据的破坏很容易对业务的未来和客户的安全构成威胁。为此,本文提出并实现了安全认证、安全授权、加密等安全机制和技术,以保证MongoDB免费社区版大数据分析框架的整体安全。本文介绍了我们持续研究的第四阶段,在第一阶段,我们提出了一个具有基本安全要求的MongoDB和Linux容器(LXCs)的数据分析框架。接下来,在第二阶段,我们提出了一个漏洞分析测试平台,以发现与系统相关的漏洞。最后,在第三阶段,我们详细讨论了系统中漏洞的根源和一些预防技术。此外,本文还引入了一种新的MongoDB数据处理隐私保护安全机制,确保数据在处理前的隐私性。我们的结果显示,使用我们的分析框架的初始模型,我们新引入的安全机制是如何工作的,以及如何使用这些安全机制和技术来确保在我们提议的分析框架上进行的任何数据科学项目的机密性、完整性和可用性(CIA)。此外,这些安全机制和技术帮助我们加强当前系统对抗零日攻击,即针对尚未修补或尚未公开的漏洞的攻击。因此,我们在本研究第二阶段提出的漏洞分析测试平台将无法发现与零日攻击相关的漏洞。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Array
Array Computer Science-General Computer Science
CiteScore
4.40
自引率
0.00%
发文量
93
审稿时长
45 days
期刊最新文献
SAMU-Net: A dual-stage polyp segmentation network with a custom attention-based U-Net and segment anything model for enhanced mask prediction Combining computational linguistics with sentence embedding to create a zero-shot NLIDB Development of automatic CNC machine with versatile applications in art, design, and engineering Dual-model approach for one-shot lithium-ion battery state of health sequence prediction Maximizing influence via link prediction in evolving networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1