Title :
Towards a Cross-Domain MapReduce Framework
Author :
Nguyen, T.D. ; Gondree, Mark A. ; Khosalim, Jean ; Irvine, Cynthia E.
Author_Institution :
Dept. of Comput. Sci., Naval Postgrad. Sch., Monterey, CA, USA
Abstract :
The Apache Hadoop® framework provides parallel processing and distributed data storage capabilities that data analytics applications can utilize to process massive sets of raw data. These Big Data applications typically run as a set of MapReduce jobs to take advantage of Hadoop´s ease of service deployment and large-scale parallelism. Yet, Hadoop has not been adapted for multilevel secure (MLS) environments where data of different security classifications co-exist. To solve this problem, we have used the Security Enhanced Linux (SELinux) Linux kernel extension in a prototype cross-domain Hadoop on which multiple instances of Hadoop applications run at different sensitivity levels. Their accesses to Hadoop resources are constrained by the underlying MLS policy enforcement mechanism. A benefit of our prototype is its extension of the Hadoop Distributed File System to provide a cross-domain read-down capability for Hadoop applications without requiring complex Hadoop server components to be trustworthy.
Keywords :
Big Data; Linux; parallel processing; security of data; storage management; Apache Hadoop framework; Hadoop Distributed File System; MLS policy enforcement mechanism; SELinux; big data applications; cross-domain MapReduce framework; data analytics applications; distributed data storage capabilities; multilevel secure environments; parallel processing; security enhanced Linux kernel extension; Cloud computing; Databases; File systems; Prototypes; Security; Sensitivity; Servers; Hadoop; MapReduce; cross-domain services; multilevel security;
Conference_Titel :
Military Communications Conference, MILCOM 2013 - 2013 IEEE
Conference_Location :
San Diego, CA
DOI :
10.1109/MILCOM.2013.243
