2016 International Conference on Electronic Information Technology and Intellectualization (ICEITI 2016) ISBN: 978-1-60595-364-9
Research on the Construction of Security
System of Big Data
Manling Cheng and Zhihua Sun
ABSTRACT
In the background of big data era, through the analysis about the features and development tendency of big data, this paper elaborates the hidden dangers of the big data applications triggered by its application values. It also puts forward the overall frame system for solving the security problem of big data. This paper establishes a comprehensive application security system of big data from five aspects, namely, storage security of big data, protection of private information, security of big data cloud, construction of an active defense mechanism, re-regulation of administrators’ authorities.
INTRODUCTION
With the fast development of Internet, cloud computing, Internet of things and other network technologies as well as the extensive use and big-scaled construction of intelligent terminal and smart city, the global information volume presents an explosive growth, driving the whole Internet world stepping into the big data era. In order to deal with the challenges of big data era, it is very important to popularize technologies of basic analysis, research and development, application and security about big data, promote the innovative management ability and professional qualification of big data technology and strengthen the security and privacy management of big data. When the numerous benefits of information construction are enjoyed by people, the application security problem of big data has gained more and more attention.
_________________________
Manling Cheng, WuHan Business University, Wuhan, China
BACKGROUND OF BIG DATA
Features of Big Data
Big data refers to vast and complex data sets with sizes beyond the ability of commonly used software tools to capture, store, search, share, analyze and process data. Four Vs (Volume, Variety, Value, and Velocity) are commonly used to summarize the basic features of big data. The specific meanings are huge volume of data, a variety of data, low value density and fast processing velocity[1].
Technical Tendency of Big Data
APPLICATION OF HADOOP TECHNOLOGY
Apache Hadoop is an open-source distributed computing framework. Through Map Reduce, Hadoop distributes big data amongst many nodes for processing. Hadoop follows Apache 2.0 License so it can easily process structured, semi-structured, and unstructured data. Thus it becomes a very popular solution for big data and can deal with enormous data storage in PB or even ZB level [2].
INTEGRATION WITH CLOUD COMPUTING
Big data and cloud are two different concepts, but they have many intersections with each other. The ground principles to support big data and cloud computing are the same, namely, large scale, automation, resource allocation and self-recoverability. So there are many resultants between big data and could. We can say big data and cloud computing are accompanied with each other. The processing of big data is inseparable from cloud. The application of big data is a typical application operating on the cloud.
THE APPLICATION VALUEOF BIG DATA
The Wall Street Journal names big data era, intelligent production and wireless network revolution as three technological changes leading the future prosper. A report of McKinsey Company points out that data is a means of production and big data is the next front edge of innovation, competition and the promotion of productivity. What’s more, a report of World Economic Forum firmly believes that big data is the new fortune with similar value as petrol [3].
data value, the proper excavation and utilization of big data have brought huge wealth to every industry.
THE HIDDEN DANGERS OF BIG DATA
Along with the explosive growth of the application of big data, big data has generated unique architectures, lead the development of storage, network and Internet technology but also triggered new security concerns at the same time.
The Networked Society Makes Big Data Become Target of Attacks
In the open networked society, the huge volume of big data is connected. For attackers, that means a lower cost for snowballed benefits. Accidents like the leak of users’ data and the thefts of personal account information occur now and then. Once being attacked, the stolen volume can be rather huge.
Millions of information leaks and abundant network crimes in recent years have shown that the risk degree of information security in the background of big data and cloud can no longer compare with the past.
Big Data Increases the Risk of Privacy Disclosure
Big data is a two-edged sword. Although the fast network and accurate marketing bring people a more convenient lifestyle, they also make the protection of privacy an idle talk. The growth of data analysis technology will definitely pose a grave threat to users’ privacy. Today’s big data marketing is like a pair of prying eyes watching every single movement of customers all the time. As an individual customer, we can no longer avoid our privacy being documented by network system, grasped, excavated and utilized by businesses or even being used maliciously.
Hidden Dangers Brought About by Technical Short Blank
As the basic technology for big data processing, NOSQL is different from the widely used SQL technology. Without long-term improvement, strict access control and privacy management in data security maintaining, NOSQL is lack of security and integrity.
The Big Data Environment Breaks the Traditional Security Barrier
Big Data Could Become Carriers for Advanced and Sustainable Attacks
The APT attack is a sustainable procedure without any distinctive features that could be detected in real time. At the same time, it is rather hard to discover the APT attack codes hidden in the large-scaled data. Besides, the attackers can also use social networks and systematic vulnerabilities to carry out attacks in time slots that cannot be detected by the threat feature library.
THE CONSTRUCTION OF SECURITY SYSTEM INTHE BIG DATA ERA
The Secure Storage of Big Data
With the generation, storage and analysis of enormous data, the secure storage of data will become a bigger problem in the next few years. Safe storage is the most basic requirement for the security of big data. We could improve the safe storage of big data in aspects like centralized storage, encrypted storage, encrypted transmission, certificate authority, log audit and other aspects, especially encrypted storage[4].
Protection of Private Information
The war between big data and privacy has begun long time ago. We must ensure the privacy security in the technical and statutory levels and improve the security system of user’s private information in big data era.
In the statutory level, we should define the data property and sale license based on standards and regulations. We should issue concerned qualification certifications and regulations to establish and improve the privacy security system of big data.
In technical level, we should use technologies like big data cleaning, removing privacy and other technologies to hide clients’ private data.
Cloud Security of Big Data
The uploading, downloading and intersection of big data are usually implemented in the cloud. It is necessary to make sure the security protection in the cloud and client side which attract more and more hackers and virus attacks.
Build Active Defense Mechanism
When planning the development of big data, it is necessary to build and improve the information security system of big data. We should combine the traditional information security technology with the real environmental security requirements when collecting, processing and applying big data. We should build event surveillance mechanism for the information security of big data which can detect the security problem of the information system in time. When or before the operation environment of big data is under attack, it can detect the attacks quickly and accurately and activate the disposal and emergence mechanism promptly [5].
The information security of big data is to protect the confidentiality, integrity and availability of big data information. However, confronting the ever-upgrading attacking modes and the diverse and hidden ways to steal information, single security protection products can no longer meet the needs. In this aspect, comprehensive security management platforms like SOC have outstanding performances which could coordinate with other network security devices like firewall, IDS, information auditing and host security. It can collect event information from each security device. After filtering, classification, analysis, integration and other processes, it can automatically change security strategy and send the strategy to each security device. After security devices receive the fine-grained security strategy, they can block illegal accesses and vicious attacks in time and form a self-adapting close-loop processing chain which can make the network adapt to dynamic security requirements. This kind of related defense mechanism can detach data packages more quickly and inspect whether the content of the data package is legal in real time. Besides, it can coordinate with other network security devices to implement the corresponding strategy. So it is a defense method with relatively high timeliness.
Re-regulation of Administrators’ Authorities
The cross-platform transmission of big data can bring inner risks in some extent. We can set different authority levels for big data and users according to different security level and user’s requirements and strictly control the access authority. What’s more, the unified identity authentication with single point logging and access control technology can strictly control users’ access which could effectively ensure the application security of big data [6].
The host access control system adopts C/S architecture, including control center and surrogate host equipped with proxy client. The control center is in charge of the monitoring and management to surrogate host and the management of host strategy. The surrogate host communicates with control center through agent client (realized by software in surrogate host), receives dynamic encrypted passwords and white list strategy of the host from control center.
the limitations of common hosts’ interface control system are solved. So it is a solution for host interface control with better universality, security, controllability and expandability. At the same time, it adopts the firewall technology, bases on safe access control strategies like IP strategy, SNAT and DNAT strategy, inner bridge strategy and other strategies. It carries out intelligent control and fine-grained auditing to services and accesses into and out of the inner network. It permits legal users of the inner network to visit external networks normally and prevents the external intruders to enter the inner network.
CONCLUSIONS
Nowadays, the situation is hardly optimistic and the security of big data is an eternal proposition. Introducing the above advanced technologies and properly adopting intelligent network security products can largely enhance the comprehensive security protection ability. It can also protect the security, integrity and confidentiality of data in the source, coordinate with other security devices to cut the intruding source timely, effectively and accurately and guarantee the information security to the largest extent.
All in all, in the big data era, opportunities exist with challenges. When we promote the technical innovative management ability of big data and our professional ability, we should strengthen researches on the security and privacy management about big data at the same time. By issuing regulations and policies and using technologies and skills, we should develop big data in every industry in the right direction faster and more thoroughly.
REFERENCES
1. Mayer- Schonberger V., Cukier K. Big data: a revolution that will transform how we live, work, and think [M]. John Murray Publishers Ltd, 2013: 174- 180.
2. Tom White, Hadoop: The Definitive Guide [M], O'Reilly Media, Inc., 2009.
3. The World Economic Forum. Big data, big impact: New possibilities for international development [EB/OL]. [2014-04-16]. http://www.weforum.org/reports/big-data-big-impa-ct-new-possibilities-international-development.
4. Borkar V.R., Carey M.J., Li C. Big data platforms: what’s next? XRDS: Crossroads, the ACM Magazine for Students, 2012, 19: 44–49.
5. Jia Zhen, Wang Lei, Zhan Jianfeng, et al. Characterizing data analysis workloads in datacenters [C]. In Workload Characterization (IISWC), 2013 IEEE International Symposium on. IEEE. 2013.
