Classification of big data access control models : comparative study
Azhar Abdulmughni
Department of IT , Faculty of Computer and information technology, University of Sana'a
December, 2023
Abstract ___ In the era of big data, the rapid generation of
large amounts of data from various sources poses a challenge
for access control. To address the needs of end users,
mechanisms for access control must be established to share
confidential information with authorized users. Currently, the
main concern in cloud computing is the security of access
control, with ongoing research and implementation focused on
ensuring secure and reliable file transfers. Existing solutions
based on role, attribute, identification, and hierarchical access
controls are insufficient to instill trust in cloud computing
servers. Therefore, future efforts should aim to implement a
trusted model for securing stored files. The emergence of
access control technology adds a barrier to the access of data
resources, avoids some illegal users' access to resources, and
reduces the problem of resource leakage to a certain extent.
This paper classifies some access control technologies in the
field of big data access control, including discretionary access
control technology, role-based access control technology,
attribution-based access control technology, blockchain-based
access control technology, etc. Then it summarizes the
application characteristics of access control technology in the
field of big data, and finally looks forward to the development
prospect of access control.
Keywords: access control, Big data, Cloud computing,
Security
I. Introduction
Cloud computing is a type of computing framework
that offers on-demand services using shared
computational resources. These services have made our
lives more convenient, as they can convert resource-
constrained mobile devices into powerful computers.
However, while cloud services have many benefits such
as scalability and cost savings, there are also drawbacks
in terms of centralization and security. It is important to
address these security concerns, particularly unauthorized
access to sensitive data, in order to fully realize the
potential of cloud computing.
Security for access control is the main concern in
cloud. Latest research and implementations in Cloud
focus on secure file transfers. Existing solutions employ
role, attribute, identification, and hierarchical access
controls. Encryption can prevent unauthorized access to
sensitive data. Challenges exist in practical
implementation. Differentiated access is necessary based
on user roles. Data access control has evolved over the
past 30 years. Techniques like fine-grained access control
offer flexibility. Research is needed to address
vulnerability gaps. This paper discusses cloud storage and
access control schemes. Three emerging fine-grained
access control techniques are reviewed... [2]
Cloud service providers use different access control
models to achieve several objectives, including
maintaining data confidentiality, integrity, and privacy,
preventing unauthorized access, and ensuring correct data
XXX-X-XXXX-XXXX-X/XX/$XX.00 ©20XX IEEE
delivery to authorized users to prevent denial of service.
[2] [3]
Cloud computing is provided by specific providers
like Amazon, Google, Salesforce.com through the
internet. The front end is a new interface service, while
storage and maintenance are based on the terms of service
providers. The front end and back end of cloud computing
can be accessed globally through internet connection.
Data in the cloud is viewable and accessible through an
interface, with protection provided for confidential data.
Access control is based on users and data, categorized into
public, private, and hybrid data. Private data includes
confidential information and requires access control,
while public data does not. Hybrid data may contain a
combination of data types, necessitating security
measures [3]
The term Big Data means analyzing large amounts of
data with different formats, allowing for fast predictions
with low uncertainties and high value. [3] there are three
characteristics that define the nature of big data witch
called 3Vs: Volume, Variety, and Velocity.
-Volume referred to the vast amount of information
that is generated and collected from various sources such
as social media and connected devices. For instance ,
social media platforms like YouTube and Twitter have an
extensive user base that produces a large amount of data
every second.
- Variety, encompasses the diverse types of data being
gathered, including text, sound, film, and sensor data.
This data can be either structured or unstructured, posing
challenges in terms of processing and analysis.
-velocity denotes the speed at which data is being
generated and collected, making real-time processing and
analysis a complex task. This is especially significant for
data used in time-sensitive decision-making processes
such as financial transactions and traffic management. [4]
Access control technology aims to prevent
unauthorized users from intruding or destroying data,
limiting access to protect user data. The main functions of
access control security are preventing unauthorized access
and allowing legal users to access and operate data. Data
access control in big data and cloud computing prevents
illegal access, controls user access authority, and protects
data integrity and confidentiality. [5]
first part of this paper a literature review of related
researches in the field of access control technologies with
big data and cloud computing to illustrate the most
common models that been used and the advancing of
these models to overcome the increasing challenges of big
data security ,
In the second part we discuss the major issues and
challenges that are facing the security of big data in cloud
computing environment including Access control as a
challenge , the third part introduces the platform and
techniques which are used in processing and allowing the
access control methods in big data clusters and a brief
explaining of how to implement access control in Hadoop
ecosystem ,the fourth part illustrates classifying of the
most common access control models to be implemented
in cloud big data applications , The fourth part presents a
classification of the most important access control models
used with big data applications in cloud computing and a
comparison between these models according to several
standards and requirements. Last part concludes the
results of the study and best practices.
II. Literature review
According to the characteristics of big data and cloud
computing most of the literature discussed mainly data
stream analysis and Internet of Things applications, by
analyzing related access control enforcement techniques.
Researchers in domestic circles have proposed various
access control methods for big data and cloud computing
environments based on their unique requirements. These
methods largely involve modifying and broadening
traditional access control technology. Although research
on access control for Big Data platforms is advancing, a
unifying access control framework that combines
generality and efficiency has not yet been proposed due to
the complex nature of the managed data, resulting in ad-
hoc solutions for specific platforms and limited
applicability of language-centric approaches. [3] [6]
paper [6] Introducing big data cloud computing and
access control technology through user roles and entity
attributes. And provide a comparison of existing access
control technology with user roles and entity attributes in
the context of big data cloud computing. Proposing an
access control model based on big data cloud computing.
Explanation of various aspects of big data cloud
computing access control technology, But The paper does
not provide a comprehensive evaluation or comparison of
the proposed access control model with existing access
control technologies in terms of performance, scalability,
or security.
Tal .et al [5] proposed framework to implement
attribute-based access control (ABAC) In the processing
of big data with various sensitivities. The authors have
conducted an analysis and implemented a prototype
application of ABAC for processing large datasets in
Amazon Web Services. They utilized open-source
versions of Apache Hadoop, Ranger, and Atlas. In their
study, they have rigorously analyzed cybersecurity
aspects related to the implementation of ABAC policies
in Hadoop. This includes the development of a synthetic
dataset containing information at different sensitivity
levels, reflecting healthcare and interconnected social
media data realistically. The outcome of their work is a
framework designed to enhance the security of big data,
effectively addressing significant cybersecurity issues.
The paper [4] presents a model that integrates Role-
based access control (RBAC) with task methodology for
the management of big data security. This model is
intended to improve the authorization capabilities of the
Hadoop ecosystem, particularly the Apache Ranger and
Apache Sentry frameworks. RBAC is a commonly
utilized access control strategy that assigns roles to users
and allocates permissions based on these roles. The task
methodology concentrates on delineating and overseeing
tasks within an establishment, aiding in the determination
of user access rights according to their designated tasks.
Through the amalgamation of RBAC and task
methodology, the proposed model offers a more detailed
and adaptable access control system for big data
environments. The model is crafted to tackle the security
obstacles linked with the escalating speed and intricacy of
big data, guaranteeing the protection of confidential data
from both governmental and non-governmental entities.
This paper [7] presents a new ABE scheme called
attribute-based encryption with attribute hierarchies and
provide comparison operations between RBAC and
ABAC .
The paper [8] provides a comprehensive analysis of
access control technologies, including RBAC, ABAC,
FGAC, PPAC, SMPC, HE, PRE, ABE, and key
management techniques, in the context of secure and
private big data analytics in the cloud environment.
discusses the benefits of RBAC, such as improved
security, sscalability, and ease of administration, making
it a suitable access control model for big data analytics in
the cloud.
Komar et al [9] presents a framework for access
control in big data as service (BDaaS )using blockchain
and modified CP-ABE algorithms. It explores the use of
ABE algorithms, specifically CP-ABE, for access control.
The research paper develops the access control algorithm
from CP-ABE and applies it on the blockchain platform.
The framework utilizes smart contracts on the blockchain
for managing access information, ensuring a
decentralized and secure access control environment. The
use of CP-ABE and blockchain in the framework
improves security and data protection in BDaaS. The
paper contributes to access control field by offering a
specific approach using blockchain and CP-ABE for
secure data access in BDaaS platforms.
Table (1) summarizes the literature review of this
paper
III. big data security
big Data has evolved into a form of production factor
that exerts a significant influence. The advancement of
swift processing and analytical technologies has enabled
the swift extraction of valuable information to serve as a
basis for decision-making. While Big Data presents
opportunities for both businesses and society through the
exploration of diverse and extensive data sets, the issue of
information security emerges as a crucial aspect.
Insufficient security measures and encryption solutions
could potentially transform Big Data into a major
challenge. A key obstacle associated with Big Data
pertains to the storage and processing of vast amounts of
information. Many organizations employ various
technologies such as NoSQL, Hadoop, Spark, as well as
other analytical tools, artificial intelligence, and Machine
Learning to uncover the necessary insights. Security
remains a paramount concern within the realm of Big
Data. Some enterprises implement additional security
measures like identity and access control, encryption, and
data segregation to enhance the security posture. The
preservation of information confidentiality revolves
 around safeguarding data from unintended, illicit, or identity theft, account and system compromise, legal or
unauthorized access, disclosure, or theft. Data reputational harm, and other severe repercussions. [7]
characterized by high confidentiality requirements is
deemed as confidential and must be safeguarded to avert

Reference AC model Contribution of the study

K. Vijayalakshmi 2020 [2] Multi models Analyzed different types of Access control
And provide a comparison
Tal et al 2023 [5] Attribute-based access The authors analyze and implement a prototype
control (ABAC) application of ABAC to large dataset processing in
Amazon Web Services, using open-source versions of
Apache Hadoop, Ranger, and Atlas
Pandey .et al2023 [4] collaboration of Role- introduce a model for new access control with the
based Access Control with collaboration of Role-based Access Control with task
task methodology methodology. And to illustrate the framework, they
have a use case in IoT
Wang et al 2023 [6] attribute encryption The paper proposes an access control model based
access control and multiuser on big data cloud computing, based on the basic
access control RBAC and ABAC models,
Oussama Mounnan et al 2019 [8] Blockchain based Access control the paper contributes to enhancing security, privacy, and
decentralized access control in Big Data environments
through the use of Blockchain technology.
Yan zhu et al 2015 [7] attribute encryption access Presents a new ABE scheme called attribute-based
control encryption with attribute hierarchies (ABE-AH) that
efficiently implements comparison operations between
attribute values on a poset derived from an attribute
lattice.
Arun et al 2023 [8] RBAC analysis of access control technologies, including RBAC,
ABAC, FGAC, PPAC, SMPC, HE, PRE, ABE, and key
management techniques,
Komar et al 2022 [9] Blockchan Santosh Kumar Sharma1, Dr Ajay Pratap2* and Dr
ABE Harsh Dev3
Table 1summary of litratrure review
A- Security and Privacy requirements in Big Data: allocation and memory management algorithms. Big data
challenges are prominent in industries like telecoms, web
1-Confidentiality: that limits access to privileged marketing, retail, and government activities, leading to a
individuals only. Breaching confidentiality occurs competitive advantage for companies capable of
through intentional or unintentional disclosure. Various analyzing such data. Data mining techniques can aid in
mechanisms are used to protect information malware detection in cloud environments. Security
confidentiality challenges in cloud computing are divided into network,
2-. Integrity ensures data are whole and uncorrupted, user authentication, data, and general issues. Network
facing risks of corruption, damage, or disruption. challenges involve protocols, security, distributed nodes,
data, and communication. User authentication challenges
include encryption, authentication methods,
3- Availability ensures authorized users can access administrative rights, application authentication, and
information in a usable format without obstruction. It does logging. Data challenges focus on integrity, availability,
not guarantee access to all users, but availability when protection, and distribution. General challenges
needed by authorized individuals. [7] encompass traditional security tools and technology
utilization. [5]
B- Big data Security challenges:
The support provided by Big Data platforms for
Cloud computing faces security challenges due to storage and analysis of large and diverse datasets is
various technologies involved like networks, databases, unmatched by traditional data management systems.
virtualization, and more, making security issues These new systems offer flexibility, efficacy, and superior
applicable. Network security is crucial for cloud systems, performance and scalability. However, Big Data systems
and virtualization in cloud computing raises security lack the same level of data protection features. While
concerns, especially in mapping virtual machines securely traditional systems have various data protection
to physical ones. Data security involves encryption, frameworks, Big Data platforms mostly have basic access
enforcing data sharing policies, and securing resource control mechanisms. This poses a serious threat as there
is unrestricted access to large volumes of data from
multiple sources, including sensitive and private
information. The advanced analysis capabilities of Big
Data platforms can be exploited to derive correlations
between sensitive and personal data. For example, fitness
apps on mobile and wearable devices can profile user
lifestyles and infer their inclination to diseases through the
analysis of movement data, heartbeats, and weight.
Despite the undeniable benefits of Big Data analytics, the
absence of standard data protection tools makes these
services vulnerable to attackers. [3]
Figure 3 provides an elucidation of several prominent
security obstacles encountered in the realm of big data,
encompassing encryption, key management, access
control, distributed environments, and numerous others.
Of all these concerns, access controls hold the utmost
significance in ensuring the authentication of data [3].
IV. Platforms of Big Data processing
The emergence of big data has resulted in the creation
of new technologies and methods for gathering, storing,
and analyzing data, such as Hadoop, Spark, and NoSQL
databases. These tools allow organizations to extract
valuable insights from their data, like detecting patterns,
trends, fraud, and enhancing operational efficiency. Big
data has significant implications for research, particularly
in medicine, biology, and social science, enabling
researchers to analyze large genetic datasets for drug
targets and study social media data for public opinion on
specific topics. [4]
1- Apache Hadoop
Hadoop is an open-source software, facilitates the
distributed processing of large datasets while ensuring
high availability and addressing failure at the application
layer; its additional components include Hadoop Map
reduce, Hadoop common, Hadoop distributed file system
(HDFS), and Apache YARN, while Apache Ranger and
Apache Sentry serve as open-source programs within the
Hadoop environment, providing authentication methods
and access control to ensure data security and prevent data
breaches. [4]
Hadoop-based service are hosted by cloud service
providers such as Amazon, Google, and Microsoft. [5]
Hadoop is a Java-based framework for processing big
data in distributed computing. It's part of Apache project.
Hadoop cluster uses Master/Slave structure for processing
data. [6]basic big data model consists of a Master Slaves
system. The Master Node receives data from providers
and distributes tasks to slaves. The Master Node provides
three important tasks to the slave node: load forwarding,
data forwarding, and analysis collection. The slave node
processes the load from the master node for big data. This
architecture is susceptible to attack due to a failed
firewall. Big data requires a proper access control
mechanism. [2]
2- Map reduce systems :
MapReduce is a method for analyzing large data sets.
It works by dividing the data into smaller parts and
distributing them to different computers. The data is then
processed in parallel using Map and Reduce functions.
This approach can handle unstructured and semi--
structured data. [3] mplementing access control within a
MapReduce setting necessitates the assurance that
exclusively authorized individuals possess entry to the
data and resources. This objective can be accomplished
by integrating access control protocols, such as role-based
access control (RBAC) or attribute-based access control
(ABAC), within the MapReduce framework. These
models of access control serve the purpose of outlining
and enforcing access regulations grounded on user roles,
attributes, or alternative criteria. Through the integration
of access control within the MapReduce framework,
entities are able to safeguard confidential information and
ascertain that solely authorized individuals are capable of
executing particular operations on the data. [12]
3- NoSQL datastores
NoSQL datastores are flexible, scalable, and efficient
systems for Big Data. They can be classified into three
classes: key value, wide column, and document-oriented
datastores. Key-value datastores are like big hash tables
and are used for efficient look-up operations. Wide
column stores are good for blogging platforms and
content management systems. Document-oriented
datastores use hierarchical records and are used for event
logging systems and content management systems. Fine
grained access control in NoSQL datastores is still in the
early stage with only a few frameworks proposed so far.
[3] NoSQL datastores, like MongoDB and Cassandra,
offer flexible storage for big data but have different access
control from relational databases. NoSQL databases have
varying access control mechanisms, like MongoDB's user
authentication and RBAC. RBAC in NoSQL lets admins
define roles and privileges for users to control data access.
Some NoSQL databases support ABAC for access
decisions based on user attributes. Access control in
NoSQL varies by system, so organizations need to
configure and manage settings for data security. NoSQL
datastores offer customizable access control for specific
security needs in big data environments. [6]
V. Access control technology
Access control is a software module or function used
to protect resources or prevent illegal access. The access
control model is formed with security policies that
determine authorized and unauthorized users. An efficient
access control model prevents illegal data access.
Examples of unauthorized access include a terrorist
reading military records, a hacker using a duplicate bank
account, a hospital receptionist reading patients' medical
reports, and a server attack denying data access to
authorized clients. [2] Access control is also crucial for
compliance with regulations and standards such as the
General Data Protection Regulation (GDPR) and HIPAA.
These regulations frequently mandate organizations to
enforce stringent access controls to safeguard sensitive
data. [3] fig1 illustrate the access control mechanism in
general.
Big data expansion leads to increased data flow in
cloud computing. Access requests in this environment are
complex. Access control faces challenges due to massive
data access. [5] Access control is an essential aspect of
big data security that helps organizations and researchers
 Figure 1 access control mechanism [3]
to protect sensitive information and comply with relevant
regulations. Implementing strict access controls, such as
role-based access, attribute-based access control, multi-
factor authentication, and data-level access control, can
help organizations and researchers to effectively secure
their big data and protect it from unauthorized access. It
ensures that only authorized users can access and view
sensitive information [4] . This is particularly important
for big data because it often contains sensitive and
confidential information, such as personal and financial
data, that can be exploited by cybercriminals if it falls into
the wrong hands [1]
a- Access control requirements
In this section a review of the key Requirements of
access control mechanism for Big Data in cloud
platforms.
1- Fine-grained access control (FGAC) The access
control of data in servers is managed by software,
which checks authorization for accessing specific
data. However, the software is not entirely reliable
due to the risk of information leakage by those who
have access to the server or cloud. To address this
issue, fine-grained access control is implemented,
where different individuals have different rights to
access files based on their identity. This type of
access control is particularly useful in encrypted
attribute searching and personal health records, as it
ensures efficient and secure data access [2] Access
control rules in Big Data analytics platforms need to
be bound to data at very specific levels, but new
enforcement mechanisms are required due to the
heterogeneity and lack of schema in Big Data. [3]
2- Context – management :The support for context-
based access constraints allows for highly
customized access control forms. These constraints
can limit access based on time periods or
geographical locations. When access control
decisions are derived from contexts, authorizations
are granted if conditions referring to the
environment of the access request are met. [3]
3- Scalability: The capability to monitor access
control events and changes ensures transparency and
accountability. Recording and analyzing access
activities creates a detailed audit trail. Auditability
aids in identifying unauthorized access attempts and
policy violations for timely response. Blockchain-
based access control technology provides inherent
auditability by recording all events on the
blockchain. This allows for easy tracking,
monitoring, and auditing of access control events,
ensuring compliance with regulations. [12]
4- Auditability: access control system must
effectively track and log access attempts for big data
security analysis, Auditing and logging are essential
for monitoring access to resources, creating a record
for accountability and security. Organizations use
auditing to detect unauthorized activities and
prevent security breaches. Logging records user
actions for forensic investigations and compliance
audits. Auditing and logging aid in meeting
regulatory requirements for data protection. A
comprehensive audit trail helps organizations
enhance access control policies and security
measures by identifying access behavior patterns
and trends. [1]
5- Efficiency : Efficient policy compliance
mechanisms are necessary. Two main approaches
for enforcing FGAC in traditional relational DBMSs
are view-based and query rewriting. It is important
to determine how suitable these approaches are for
the Big Data scenario and how they can be
customized or extended. [3]
b- Access control models
There are several types of access control methods that
organizations and researchers can use to protect big
data, including :
1- Discretionary Access Control Model (DAC)
DAC is a basic access control model where the owner
manages all object access, deciding which users can
access and to what extent. The owner has full control,
granting access privileges to users as desired. The aim is
to prevent unauthorized access through Access Control
Lists (ACL) for each object .DAC offers flexibility by
allowing object owners to customize security
mechanisms, with easily updatable policies. It simplifies
usability and reduces administrative complexity in
distributed environments. While efficient for a small
number of users and data, DAC is easier to manage than
other access controls and is widely used in networking
 operating systems like UNIX, WINDOWS, and Linux.
However, DAC has limitations in modern computing
environments due to increasing security requirements and
access control complexity. It may fail to protect shared
resources in high communication scenarios, potentially
compromising data confidentiality, integrity, and
availability if a mistake is made. Additionally, the
requirement for an owner in DAC may not align with
contemporary computing technologies, leading to lower
security levels compared to other access controls.
Moreover, DAC is stateless, lacking awareness of events
post-permission granting. [2]
2- Role Based Access Control (RBAC)
is an access control model that provides a structured
approach to managing user permissions within an
organization. In RBAC, access rights are assigned to
roles, and users are assigned to specific roles based on
their job responsibilities and functions. This model
simplifies access management by allowing
administrators to define roles and their associated
permissions, rather than assigning permissions directly
to individual users. RBAC offers several benefits,
including improved security, scalability, and ease of
administration. It helps organizations enforce the
principle of least privilege, where users are granted only
the permissions necessary to perform their tasks. RBAC
has been widely adopted in various domains, including
cloud computing, where it plays a crucial role in ensuring
secure access control for big data analytics in the cloud
environment [10]
3- Attribute-based access control (ABAC)
The overall approach for ABAC is defined in the
National Institute of Standards Special Publication (NIST
SP) 800-162 as the ABAC trust chain [5] method that
enables organizations to regulate data access by
considering the attributes of the user, such as their job
title, location, or clearance level. By employing this
approach, organizations can establish precise access
controls that are customized to particular data sets or
specific use cases. [3]
4- Multi-factor authentication (MFA)
necessitates users to provide multiple forms of
authentication, such as a password and a fingerprint or a
token, in order to access data. This enhances the difficulty
for cybercriminals to obtain unauthorized access to
sensitive data. [3] In the setting of big data cloud
computing, access frequency is high, with multiple
tenants accessing data resources simultaneously. To
prevent access control failure, different applications and
computing resources are limited, involving multi-user
access control technology. Integration of RBAC model
and multi-tenant access technology enhances access
control in big data cloud computing, forming a
management system to improve tenants' access control
over data. [5]
5- Attribute based Encryption Access Control
Attribute-based encryption (ABE) is a cryptographic
technique that allows access to encrypted data based on
specific attributes or characteristics of the user. ABE uses
a combination of public and private keys to encrypt and
decrypt data. [9]In ABE, data is encrypted with a set of
attributes, and a user's private key is associated with a set
of attributes that they possess. To decrypt the data, the
user's private key must match the attributes associated
with the encrypted data. ABE provides fine-grained
access control, allowing different users to access different
parts of the encrypted data based on their attributes. This
makes ABE particularly useful in scenarios where access
control needs to be flexible and dynamic, such as in
supply chain management systems. [9]
Figure 2 attribute encryption access control [5]
6- Blockchain access control:
Blockchain-based access control uses blockchain tech
for managing access rights to resources. Access
permissions are on a distributed ledger for transparency.
Smart contracts on the blockchain enforce access policies.
Blockchain's decentralization enhances security and
privacy. Access events are recorded on the blockchain for
auditability. [12]The blockchain efficiently transfers
information between parties. A block is created by one
party in a transaction. Many computers verify the block
before it is added to a chain. Falsifying a record in the
chain is extremely difficult. Bitcoin uses this system for
transactions. The blockchain is maintained by a peer-to-
peer network of interconnected nodes. Each node
processes input to produce an output. The network divides
work among equally privileged peers. The finance
industry has been transformed by combining a peer-to-
peer network with a payment system. [7]
VI. Comparison between access control
models
The DAC model, being the most simplistic, entails
access control by the owner for operations such as
reading, writing, and modifying. Unsuitable for big data
contexts due to limitations in scalability and lack of fine-
grained control in intricate environments with numerous
users and data elements. So that’s make it not suitable for
big data and cloud computing environment
RBAC, known for its efficiency in managing access
based on well-defined user roles and their associated
needs, is considered appropriate. It is particularly well-
suited for big data scenarios featuring structured roles,
offering efficient management of access in systems with
a high volume of users.
ABAC relies on dynamic attributes related to the user,
data, and environment to make access decisions.
Designed for complex big data landscapes, this model
provides detailed control based on multiple factors,
making it a suitable choice for environments with diverse
 DAC RBAC ABAC ABE Blockchain

Fine-grained Low Medium High High Medium

access control
Context Low Limited High N/A High
management
Scalability Low Medium High Medium Medium
Auditability Low Medium High N/A High
Efficiency High High Medium Low Medium
Integrity Low Medium High High Medium
Application Simplest Ideal for A good for specific an
with big data option, but not complex big choice for big scenarios emerging
environment recommended data data with requiring technology
for big data environments well-defined fine- with potential
due to with diverse user roles and grained for big data
scalability and access needs access access security, but
security and dynamic requirements. control managing
limitations. contexts through complex rules
data can be
encryption. challenging.
access requirements, although handling attributes can by merging different models. The selection of a hybrid access
pose challenges. control model for big data relies on specific needs such as
scalability, flexibility, security, and compatibility. These
The Blockchain Access Control model employs a models present a promising approach to access control in big
decentralized and tamper-proof ledger to enforce access data, balancing security, scalability, and flexibility. [12]
control rules. While holding potential for enhancing
security and auditability in big data settings, the VII. Conclusion
complexity of managing intricate access rules on a
blockchain may present challenges. Table (2) shows a The realm of big data introduces distinctive security
comparison between these models based on the challenges owing to its vast volume, variety, and velocity.
requirement of big data access control Conventional access control frameworks encounter
difficulties in adequately regulating access to extensive arrays
Choosing the best model of heterogeneous data in dynamic settings. The present study
The development of big data cloud computing emphasizes delved into a range of access control models applicable to
the significance of access control for system security in this ensuring security in big data contexts, encompassing RBAC,
environment. Traditional access control methods do not ABAC, DAC, ABE, and Blockchain access control. Upon
easily apply to big data cloud storage due to its dynamic examination, it was evident that RBAC strikes a harmonious
nature. Research in this area is still in early stages and lacks equilibrium between efficacy and governance for large-scale
consideration for dynamic access control features. Big data data by delineating clear-cut roles. ABAC surfaced as the
environments require real-time and dynamic adjustments to most versatile and adjustable model suited for intricate
access control based on changing attributes and requirements scenarios in big data with manifold access requirements and
of objects and subjects. [6] [1] fluctuating contexts. Nevertheless, its intricate attribute
management demands meticulous attention. Despite being
In general RBAC stands out as a suitable choice for big the most straightforward model, DAC's drawbacks in terms
data environments characterized by clearly defined user roles. of scalability and meticulous control render it ill-suited for the
ABAC emerges as the preferred option for intricate big data majority of big data applications. ABE furnishes robust
landscapes with diverse access needs. Blockchain access encryption-centric access control but may exhibit reduced
efficiency and necessitate specific use cases. The domain of
control, although promising for enhancing big data security, Blockchain access control introduces appealing attributes like
poses challenges in managing complex rules effectively. It is immutability and auditability; however, the management of
control, although promising for enhancing big data security, intricate rules on a blockchain can pose challenges. In
poses challenges in managing complex rules effectively. It is essence, the selection of an optimal access control model
essential to remember that the selection of the most suitable hinges on the particular security prerequisites, scalability
model hinges on the specific security requirements of the big imperatives, and access intricacies prevalent within the
data . sphere of big data. Through a comprehensive grasp of the
merits and demerits of each model, establishments can deploy
Many researches presented hybrid access control models a robust and effective access control strategy to safeguard
to overcome the vulnerabilities of traditional models , Hybrid their invaluable big data assets. This investigation lays the
access control models integrate various technologies to foundation for further inquiry into hybrid methodologies that
enhance access control in big data settings. They utilize amalgamate the strengths of diverse models to cater to the
different technologies to meet the evolving requirements in perpetually evolving security landscape of big data.
big data. Hybrid models can incorporate DAC, RBAC, and
ABAC to offer a detailed and scalable access control solution. VIII. References
These models enable dynamic and adaptable access control
[1] N. K. Odugua and A. Rajeshb, "A Fine-Grained
Access Control Survey For The Secure Big Data
Access," Turkish Journal of Computer and
Mathematics Education, pp. 1-7, 28 april 2021.
[2] K. V. a. V. Jayalakshmi, "Shared Access Control
Models for Big".
[3] Pietro Colombo and Elena Ferrari, "Access control
technologies for Big Data management systems:
literature review and future trend," Springer open
access, p. 14, 24 jan 2019.
[4] S. Pandey and S. Maurya, "Big Data Security
management through Task Role Based Access Control
Mechanism," IEEE, pp. 1-6, 13 mar 2023.
[5] A. M. Tal and . C. C. Zou, "A Framework for
Attribute-Based Access Control in Processing Big
Data with Multiple Sensitivities," Appl.Sci., 2023.
[6] F. Wang, H. Wang and C. Xingji , "Research on access
control technology of big data cloud computing,"
IEEE, 2023.
[7] Y. Zhu and . D. Huang , "From RBAC to ABAC:
Constructing Flexible Data Access Control for Cloud
Storage Services," IEEE, 2015.
[8] A. Arun, Rajan and Vetriselvi., "Systematic Survey:
Secure and Privacy-Preserving Big Data Analytics in
Cloud," Journal of Computer Information Systems,,
pp. 1-21, 2023.
[9] S. . K. Sharma, A. Pratap and Har, "Design of Access
Control Framework for Big Dataas-a-Service (BDaaS)
Platform," . Ymer, 21(07):1350-1368, 2022.
[10] O. Mounnan, A. Abou El Kalam and L. El Haourani,
"Decentralized Access Control Infrastructure Using
Blochchain for Big data," IEEE, 2019.
[11] V. N. Inukollu, S. Arsi and S. R. Ravuri, "Security
issues associated with big data in cloud computing,"
International Journal of Network Security & Its
Applications (IJNSA), p. 8, may 2014.
[12] H. Shittu and M. Nabil, "Smart Supply Chain
Management with Attribute-Based Encryption Access
Control," IEEE 13th Annual Computing and
Communication Workshop and Conference (CCWC),
2023.
[13] Yinxia Zhuang, "Research on big data access control
mechanism," International Journal of Computational
Science and Engineering, 26(2):192-192, 2023.
[14] . U. U. Uchibeke, S. H. Kassani* and R. Deters,
"Blockchain access control Ecosystem for Big Data
security," 2018.
 .

Conclusion