面向云计算大数据框架的“设计即安全”方法

Security by Design for Big Data Frameworks Over Cloud Computing

IEEE Transactions on Engineering Management · 2021
被引 135 · 同刊同年前 3%
ABS 3

中文导读

本文提出一个安全设计框架,通过系统化安全分析和自动化评估,帮助在云计算中部署大数据框架时提升安全意识并缩短设计时间。

Abstract

Cloud deployment architectures have become a preferable computation model of Big Data (BD) operations. Their scalability, flexibility, and cost-effectiveness motivated this trend. In a such deployment model, the data are no longer physically maintained under the user’s direct control, which raises new security concerns. In this context, BD security plays a decisive role in the widespread adoption of cloud architectures. However, it is challenging to develop a comprehensive security plan unless it is based on a preliminary analysis that ensures a realistic secure assembly and addresses domain-specific vulnerabilities. This article presents a novel security-by-design framework for BD frameworks deployment over cloud computing (BigCloud). In particular, it relies on a systematic security analysis methodology and a completely automated security assessment framework. Our framework enables the mapping of BigCloud security domain knowledge to the best practices in the design phase. We validated the proposed framework by implementing an Apache Hadoop stack use case. The study findings demonstrate its effectiveness in improving awareness of security aspects and reducing security design time. It also evaluates the strengths and limitations of the proposed framework, from which it highlights the main existing and open challenges in the BigCloud-related area.

云计算大数据安全设计安全评估