Access Control Analysis in Heterogeneous Big Data Management Systems
Salvato in:
| Pubblicato in: | Programming and Computer Software vol. 50, no. 7 (Dec 2024), p. 549 |
|---|---|
| Pubblicazione: |
Springer Nature B.V.
|
| Soggetti: | |
| Accesso online: | Citation/Abstract Full Text Full Text - PDF |
| Tags: |
Nessun Tag, puoi essere il primo ad aggiungerne!!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3140795426 | ||
| 003 | UK-CbPIL | ||
| 022 | |a 0361-7688 | ||
| 022 | |a 1608-3261 | ||
| 024 | 7 | |a 10.1134/S0361768824700269 |2 doi | |
| 035 | |a 3140795426 | ||
| 045 | 2 | |b d20241201 |b d20241231 | |
| 245 | 1 | |a Access Control Analysis in Heterogeneous Big Data Management Systems | |
| 260 | |b Springer Nature B.V. |c Dec 2024 | ||
| 513 | |a Journal Article | ||
| 520 | 3 | |a Big data management systems are in demand today in almost all industries, being also a foundation for artificial intelligence training. The use of heterogeneous polystores in big data systems has led to the fact that tools within the same system have different data granularity and access control models. The harmonization of these components by the security administrator and the implementation of a common access policy are now carried out by hand. This leads to an increasing number of vulnerabilities, which in turn become frequent causes of data leaks. The current situation in the field of automation and analysis of access control in big data systems reveals the lack of automation solutions for polystore-based systems. This paper addresses the problem of automated access control analysis in big data management systems. We formulate and discuss the main contradiction between the requirement of scalability and flexibility of access control and the increased workload on the security administrator, aggravated by the use of different data and access control models in system components. To solve this problem, we propose a new automated method for analyzing security policies based on a graph model, which reduces the number of potential vulnerabilities caused by incorrect management of big data systems. The proposed method uses the data lifecycle model of the system, its current settings, and the required security policy. The use of two-pass analysis (from data sources to data receivers and back) allows us to solve two problems: the analysis of the access control system for potential vulnerabilities and the check for business logic vulnerabilities. As an example, we consider the use of a developed prototype tool for security policy analysis in a big data management system. | |
| 653 | |a Data management | ||
| 653 | |a Data analysis | ||
| 653 | |a Big Data | ||
| 653 | |a Data models | ||
| 653 | |a Data integrity | ||
| 653 | |a Systems analysis | ||
| 653 | |a Security | ||
| 653 | |a Infrastructure | ||
| 653 | |a Distributed ledger | ||
| 653 | |a Policy analysis | ||
| 653 | |a Knowledge management | ||
| 653 | |a Flexibility | ||
| 653 | |a Data systems | ||
| 653 | |a Demand analysis | ||
| 653 | |a Data processing | ||
| 653 | |a Access control | ||
| 653 | |a Blockchain | ||
| 653 | |a Data encryption | ||
| 653 | |a Control systems | ||
| 653 | |a Automation | ||
| 653 | |a Artificial intelligence | ||
| 653 | |a Workloads | ||
| 653 | |a Management systems | ||
| 773 | 0 | |t Programming and Computer Software |g vol. 50, no. 7 (Dec 2024), p. 549 | |
| 786 | 0 | |d ProQuest |t Advanced Technologies & Aerospace Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3140795426/abstract/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3140795426/fulltext/embedded/6A8EOT78XXH2IG52?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3140795426/fulltextPDF/embedded/6A8EOT78XXH2IG52?source=fedsrch |