Design of a Security Framework on MapReduce

Author

Zhen Guo ; Xudong Zhu ; Lijun Guo ; Si Kang

Author_Institution

Sch. of Inf. Sci. & Technol., Hainan Univ., Haikou, China

fYear

2013

fDate

9-11 Sept. 2013

Firstpage

139

Lastpage

145

Abstract

To deploy Map-Reduce as a data processing service over cloud computing, we must provide necessary security mechanisms to protect customers confidential data processed. In this paper, we present Map-Reduce based framework which provides strong security and privacy guarantees for distributed computations on sensitive data. The framework is a novel integration of access control via attribute-based encryption, and privacy-preserving aggregate computation via homomorphic encryption. Data providers control the security policy for their sensitive data. Users without security expertise can perform computations on the data, but the framework confines these computations, preventing information leakage beyond the data provider´s policy. Our prototype implementation demonstrates the flexibility of the framework on several case studies. It was proved more efficient than fully homomorphic encryption.

Keywords

authorisation; cloud computing; cryptography; data privacy; Map-Reduce based framework; access control; attribute-based encryption; cloud computing; customer confidential data protection; data processing service; distributed computations; homomorphic encryption; privacy-preserving aggregate computation; security framework design; security policy; sensitive data; Access control; Clustering algorithms; Distributed databases; Encryption; Vectors; Attribute-Based Encryption; Cloud Computing; Homomorphic Encryption; MapReduce;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Networking and Collaborative Systems (INCoS), 2013 5th International Conference on

Conference_Location

Xi´an

Type

conf

DOI

10.1109/INCoS.2013.29

Filename

6630399