Apex Institute of Technology

Department of Computer Science & Engineering

Implementing security for Big Data

Dr. Navjeet Kaur

E16069
Associate Professor DISCOVER . LEARN . EMPOWER
CSE(AIT), CU
Contents to be covered during the semester
 More on Implementing security for Big Data

Businesses today are collecting more and more data as per the requirement of each department.

However, the difficulty lies in analysing this wealth of data, understanding the key insights and

then securing that data. So, while an enterprise IT department and data scientists are applying an

arsenal of data analysis techniques on the massive data collected, they also need to ensure there

is no opportunity for data leakage.

Big Data and Security

Ways to implement security for Big Data
1. Safeguard Distributed Programming frameworks

Distributed programming frameworks like Hadoop make up a massive part of modern Big Data
distribution. But they come with serious issues of data leakage. They also have “untrusted
mappers” or data from multiple sources that may produce error-ridden results. Cloud Security
Alliance (CSA) strongly recommends organizations use methods like Kerberos Authentication
while ensuring adherence to security policies. Then de-identify the data by separating all
Personally Identifiable Information (PII) from the data to ensure personal privacy. After that,
authorize access to files and ensure that entrusted code doesn’t leak information.
2. Secure your Non-Relational Data

Non-relational databases such as NoSQL are very common, but they are vulnerable to

attacks such as NoSQL injection. To avoid this, we recommend you start by encrypting

or hashing passwords, and make sure you do complete encryption by using algorithms

like Advanced Encryption Standard (AES), RSA and Secure Hash Algorithm 2 (SHA-

256).
3. Secure Data storage and transaction Logs

Storage management plays a significant role in the Big Data security equation. The CSA

recommends using signed message digests to provide a digital identifier for each

document and to use a technology called SUNDR (Secure Un-trusted Data Repository).

This helps in detecting unauthorized file modifications by malicious server agents.

4. Endpoint filtering and validation

Endpoint security is important and can be used with trusted certificates, doing resource

testing, and connecting trusted devices to your network by using mobile device

management. Once it is done, use statistical similarity detection techniques and outlier

detection techniques to filter malicious inputs to protect against Sybil and ID-spoofing.
5. Real-time Compliance and Security Monitoring

Compliance is always a headache for firms dealing with a constant deluge of data. It’s best

to solve it at the beginning and organizations apply Big Data analytics by using secured

tools such as Kerberos, Secure Shell (SSH) and Internet Potocol Security (IPsec) to make

things smoother.
Thank you

Please Send Your Queries on:

e-Mail: [email protected]