RESEARCH ARTICLE

E-ISSN : 2348-2923

Volume.2. Issue.3.2014 (July-Sept)

SVRM SCIENCE JOURNAL A Peer Reviewed International Research Journal A Journal of Shree Velagapudi Ramakrishna Memorial College (Autonomous), (An ISO 9001:2008 Certified Institution) Re-Accredited with ‘A’ grade by NAAC Nagaram-522268, Guntur(Dt), Andhra Pradesh, India

BIG DATA AND ITS SECURITY MONITORING TECHNOLOGIES IN REAL TIME ENVIRONMENT

DILEEP KUMAR.G
Asst. Prof, PSCMRCET, Vijayawada

ABSTRACT: In this paper, we discuss what big data is, what the different challenges in its security aspects are, and which real-time environments are made to provide security for big data.

KEY WORDS: Big data, challenges, environments, real-time, security.

SVRM Science Journal Vol.2.Issue.3.2014


http://www.journal.svrmc.edu.in

Introduction: Big data is an all-embracing term for any collection of data sets so large and complex that it becomes difficult to process using traditional information processing applications. The challenges include analysis, gaining control, creation, search, sharing, storage, transfer, visualization, and privacy violations.

Keywords: Big data, sharing, storage, visualization and privacy violations.

Protection for Big Data: Many businesses already use Big Data for marketing and research, yet may not have the fundamentals right, particularly from a security perspective. As with all new technologies, security seems to be an afterthought at best. Big Data breaches will be big, too, with the potential for even more serious reputational damage and legal repercussions than at present. A rising number of companies are employing the technology to store and analyze petabytes of information, including web logs, click stream data and social media content, to gather better insights about their clients and their clientele. As a consequence, information classification becomes even more vital, and data ownership must be addressed to facilitate any reasonable classification. Most organizations already struggle with carrying out these concepts, making this a significant challenge. We will need to identify owners for the outputs of Big Data processes, as well as for the raw information. Very few organizations are likely to establish a Big Data environment in-house, so cloud and Big Data will be inextricably connected. As many businesses are aware, storing data in the cloud does not remove their obligation to protect it, from both a regulatory and a commercial perspective. Techniques such as attribute-based encryption may be necessary to protect sensitive data and enforce access controls (these being attributes of the information itself, rather than of the environment in which it is stored).


Big data specific security and privacy challenges:

- Computations in distributed programming frameworks
- Non-relational data stores
- Data storage and transactions
- Input validation and filtering
- Real-time security
- Scalable and composable privacy-preserving data mining and analysis
- Data provenance
- Access control
- Data audits
- Cryptographically enforced access control and secure communication

The risks connected with Big Data technologies:

- This is a new technology for most organizations. Any technology that is not well understood will introduce new exposures.
- Big Data implementations typically include open source code, with the potential for unrecognized back doors and default credentials.
- Regulatory requirements may not be fulfilled, with access to logs and audit trails problematic.
- The attack surface of the nodes in a cluster may not have been reviewed and servers may not have been adequately hardened.
- User authentication and access to data from multiple locations may not be sufficiently controlled.
- There is substantial opportunity for malicious data input and inadequate data validation.
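The last risk above, inadequate validation of input to a non-relational data store, as an added example that is not part of the paper: the same lookup built once from unchecked request values and once with type checks. The in-memory `match` function, the field names, the `$ne` operator handling and the sample documents and request bodies are all constructed for illustration and stand in for a store that accepts JSON-style filters.

```python
# Added example: type-checking request values before they enter a JSON-style filter.
# USERS, match() and both request bodies are constructed for illustration.
USERS = [
    {"user": "alice", "token": "t-alice-1"},
    {"user": "bob", "token": "t-bob-2"},
]
GOOD = {"user": "alice", "token": "t-alice-1"}   # well-formed request body
ODD = {"user": "alice", "token": {"$ne": ""}}    # token arrives as an object


def match(doc, flt):
    """Minimal stand-in for a document store: equality plus the $ne operator."""
    for field, cond in flt.items():
        value = doc.get(field)
        if isinstance(cond, dict):
            for op, arg in cond.items():
                if op != "$ne":
                    raise ValueError(f"unsupported operator {op}")
                if value == arg:
                    return False
        elif value != cond:
            return False
    return True


def find_unchecked(body):
    """Weak form: request values go into the filter as received."""
    flt = {"user": body.get("user"), "token": body.get("token")}
    return [d["user"] for d in USERS if match(d, flt)]


def find_checked(body):
    """Hardened form: only bounded, non-empty strings may become filter values."""
    flt = {}
    for field in ("user", "token"):
        value = body.get(field)
        if not isinstance(value, str) or not 0 < len(value) <= 64:
            raise ValueError(f"{field}: expected a non-empty string")
        flt[field] = value
    return [d["user"] for d in USERS if match(d, flt)]


if __name__ == "__main__":
    print(find_unchecked(GOOD), find_unchecked(ODD))  # same match for both bodies
    print(find_checked(GOOD))
    try:
        find_checked(ODD)
    except ValueError as err:
        print("rejected:", err)
```

The unchecked form treats an object-valued field as a query operator, so the token comparison no longer constrains the result; the checked form refuses anything that is not a plain string before a filter is built.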


Harden Big Data Infrastructure with Elemental:

Through the deployment, monitoring and enforcement of specific big data security policies (controls), Elemental provides an integrated, cross-platform, comprehensive way to protect resources in a big data production environment. ESP (Elemental Security Platform) is your best ally to ensure security and compliance of your big data processing clients:

- Passwords - most NoSQL / Big Data systems don't have any password or use the default system password, so anybody could easily access them.
- Input Validation - NoSQL systems aren't usually exposed to SQL injection problems, but they can still be injected using JavaScript or concatenation of strings.
- Role-based Access Control - defines and enforces who has access to what in the data repository. ESP can help moderate and enforce this.
- OS Hardening - the operating system on which the data is processed should be hardened and locked down. The four main protection focus areas should be: users, licenses, services, logging.
- Persistent Control - constant monitoring and continuous enforcement of host-level security policies is provided by the Elemental system.
- Reacting to Change - access controls automatically adapt to changes in roles and security posture.
- In-line Remediation - update configuration, restrict applications and devices, and restrict network access in response to non-conformity.

Security Data Analytics Engineer: The engineer shall be responsible for carrying out engineering tasks to deliver a clustered computing environment. The engineer shall design and build large-scale security data analytics platforms, using open source software and tools, cloud-based tools and COTS technologies. The engineer shall demonstrate a security data analytics system that produces manageable, actionable intelligence from massive streams of structured and semi-structured security data. This is a broad engineering role which involves years of defensive security experience and automating data feeds from different authors, and which encompasses building the core frameworks and programs to deal with the complexities of ingesting, storing, and manipulating masses of data in real time. This engineering role will research and examine large volumes of data by using modern analytical instruments and methodologies, build data analytic pipelines, build data processing pipelines, and drive analytical reports to security analysts and investigators for situational awareness. The reports, analytics and dashboards give analysts and investigators the power to identify, process, and comprehend critical elements of information about what is going on.


Possible Example of a Big Data Security, Data Analytics system:
