TY - JOUR
T1 - Mechanisms and techniques to enhance the security of big data analytic framework with MongoDB and Linux Containers
AU - Mailewa, Akalanka
AU - Mengel, Susan
AU - Gittner, Lisa
AU - Khan, Hafiz
N1 - Publisher Copyright:
© 2022 The Author(s)
PY - 2022/9
Y1 - 2022/9
N2 - The frequency and scale of unauthorized access cases and misuses of data access privileges are a growing concern of many organizations. The protection of confidential data, such as social security numbers, financial information, etc., of the customers and/or employees is among the key responsibilities of any organization, and damage to such sensitive data can easily pose a threat to the future of a business and the security of the customers. Therefore, this paper proposes and implements some security mechanisms and techniques, such as secure authentication, secure authorization, and encryption, to assure the overall security of a big data analytic framework with MongoDB free community edition. This paper presents the fourth phase of our continuous research where in the first phase we proposed a data analytic framework with MongoDB and Linux Containers (LXCs) with basic security requirements. Next, in the second phase we proposed a vulnerability analysis testbed to find vulnerabilities associated with the system. Finally, in the third phase we discussed in detail root causes and some prevention techniques of vulnerabilities found in the system. In addition, this paper introduces a new security mechanism for privacy preserving data handling with MongoDB to ensure the privacy of the data before being processed. Our results show, with our initial model of the analytic framework, how well our newly introduced security mechanisms work and how these security mechanisms and techniques can be used to assure the confidentiality, integrity, and availability (CIA) of any data science project conducted on our proposed analytic framework. In addition, these security mechanisms and techniques help us to strengthen the current system against zero-day attacks where attacks on vulnerabilities that have not been patched or made public yet. Therefore, our vulnerability analysis testbed which is proposed in the second phase of this research will not be able to finds vulnerabilities related to zero-day attacks.
AB - The frequency and scale of unauthorized access cases and misuses of data access privileges are a growing concern of many organizations. The protection of confidential data, such as social security numbers, financial information, etc., of the customers and/or employees is among the key responsibilities of any organization, and damage to such sensitive data can easily pose a threat to the future of a business and the security of the customers. Therefore, this paper proposes and implements some security mechanisms and techniques, such as secure authentication, secure authorization, and encryption, to assure the overall security of a big data analytic framework with MongoDB free community edition. This paper presents the fourth phase of our continuous research where in the first phase we proposed a data analytic framework with MongoDB and Linux Containers (LXCs) with basic security requirements. Next, in the second phase we proposed a vulnerability analysis testbed to find vulnerabilities associated with the system. Finally, in the third phase we discussed in detail root causes and some prevention techniques of vulnerabilities found in the system. In addition, this paper introduces a new security mechanism for privacy preserving data handling with MongoDB to ensure the privacy of the data before being processed. Our results show, with our initial model of the analytic framework, how well our newly introduced security mechanisms work and how these security mechanisms and techniques can be used to assure the confidentiality, integrity, and availability (CIA) of any data science project conducted on our proposed analytic framework. In addition, these security mechanisms and techniques help us to strengthen the current system against zero-day attacks where attacks on vulnerabilities that have not been patched or made public yet. Therefore, our vulnerability analysis testbed which is proposed in the second phase of this research will not be able to finds vulnerabilities related to zero-day attacks.
KW - Big-data
KW - Data security
KW - Docker & Singularity
KW - HIPAA
KW - Linux Containers
KW - MongoDB
KW - Privacy
KW - Sensitive data
KW - Threats
KW - Vulnerabilities
UR - http://www.scopus.com/inward/record.url?scp=85135700672&partnerID=8YFLogxK
U2 - 10.1016/j.array.2022.100236
DO - 10.1016/j.array.2022.100236
M3 - Article
AN - SCOPUS:85135700672
SN - 2590-0056
VL - 15
JO - Array
JF - Array
M1 - 100236
ER -