STSHC: secure and trusted scheme for Hadoop cluster

Published Online: pp 63-69, https://doi.org/10.1504/IJHPSA.2014.059874

Hadoop is a distributed big data storage and processing framework widely adopted in sectors ranging from online media, education and government to social media to handle the enormous growth of information in their respective domains. However, the core architecture of the solution is based on a trusted cluster. It lacks native methods for protecting sensitive data that cross over enterprises and are exposed or accessed illegally. This paper aims to construct a secure and trusted scheme for Hadoop cluster (STSHC). First, we review the architecture of the Hadoop cluster and discuss the security risks and security requirements. We then propose a secure and trusted architecture framework for Hadoop cluster with a trusted computing base (TCB). Moreover, several protocols are designed in detail: the key management, the node trusted management protocol, the client access management protocol, the node access management protocol and the job executing management protocol. Finally, the security analysis shows that the scheme can efficiently meet the security requirements of the Hadoop cluster.

Keywords

trusted computing, Hadoop cluster, security, TCB, security risk
