دانلود رایگان مقاله کنترل دسترسی حریم خصوصی آگاه برای کلان داده ها

Abstract

Big Data is an emerging phenomenon that is rapidly changing business models and work styles [1]. Big Data platforms allow the storage and analysis of high volumes of data with heterogeneous format from different sources. This integrated analysis allows the derivation of properties and correlations among data that can then be used for a variety of purposes, such as making predictions that can profitably affect decision processes. As a matter of fact, nowadays Big Data analytics are generally considered an asset for making business decisions. Big Data platforms have been specifically designed to support advanced form of analytics satisfying strict performance and scalability requirements. However, no proper consideration has been devoted so far to data protection. Indeed, although the analyzed data often include personal and sensitive information, with relevant threats to privacy implied by the analysis, so far Big Data platforms integrate quite basic form of access control, and no support for privacy policies. Although the potential benefits of data analysis are manifold, the lack of proper data protection mechanisms may prevent the adoption of Big Data analytics by several companies. This motivates the fundamental need to integrate privacy and security awareness into Big Data platforms. In this paper, we do a first step to achieve this ambitious goal, discussing research issues related to the definition of a framework that supports the integration of privacy aware access control features into existing Big Data platforms.

5. Conclusions

Nowadays Big Data represent one of the great new frontiers of IT [38]. IT managers recognize the use of Big Data platforms as an asset for their organizations, however, they also consider the poor security and privacy enforcement practices of these platforms as a top obstacle to the adoption of these solutions within their companies [6]. The definition of data security and privacy standards represent a challenging open issue for the research community [32], as traditional security and privacy mechanisms tailored to traditional data management systems are inadequate for Big Data [32]. This paper presents the foundations of a framework for the integration of PAAC into MapReduce systems and NoSQL datastores. A research and development roadmap is proposed and aspects related to the framework definition are discussed. The roadmap tasks cover a variety of activities, such as the selection of target platforms, the identification of policies suited for common application scenarios of BigData platforms, and the definition of policy specifi- cation and enforcement mechanisms. Several research goals related to the framework definition are discussed, such as the desired characteristics of privacy policies, policy binding and specification criteria for policies operating in MapReduce systems and NoSQL datastores, and general guidelines for the definition of enforcement mechanisms. Finally, in order to show the applicability of the proposed framework, some preliminary considerations related to the enhancement of a popular NoSQL datastore with PAAC features are provided. The potential application scenarios of the proposed framework match those within which NoSQL datastores and MapReduce systems are currently used.