An End-to-End Privacy Preserving Design of a Map-Reduce Framework

We present a secure design for a map-reduce framework that guarantees that the privacy of the original data is preserved end to end, using Hadoop as a typical environment for illustration. That is, despite the data divisions and replications that map-reduce computations perform, the privacy of the original data remains invariant. Specifically, we use the Readers-Writers Flow Model (RWFM), a dynamic information flow model, to ensure that in spite of the data divisions and replications triggered in map-reduce computations, the original data providers' policies are fully preserved through dynamic labelling of the data. Thus, our secure framework can be adapted to computing on multi-level secure (MLS) data while preserving its confidentiality and privacy specifications; this is realized through automatic dynamic labelling under the RWFM model. We describe the design, establish that it preserves the security and privacy of the original data, and illustrate the approach through examples.
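As an added illustration (not code from the paper), the following Python script simulates dynamic labelling of a two-mapper, per-key-reducer word count under RWFM-style labels. The label rules used here (a subject may read an object only if it is among the object's readers, after which its label becomes the join: readers intersect, writers unite; it may write an object only if it is among the object's writers and both sets are compatible) are stated as assumptions, and every principal, policy and input record is constructed for the example. The point it shows is that a key whose count is derived from both providers' splits becomes readable only by principals in the intersection of both providers' reader sets, while a key derived from one split keeps that provider's policy.

```python
"""Toy RWFM-style dynamic labelling over a map-reduce word count.

Constructed example; the label rules below are assumptions about how an
RWFM (readers, writers) label evolves and are not the paper's own code.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass

# Constructed universe of principals: data providers, job components, consumers.
PRINCIPALS = frozenset(
    {"alice", "bob", "mapper1", "mapper2", "reducer", "analyst", "auditor"}
)


@dataclass(frozen=True)
class Label:
    """owner: the subject/object the label belongs to.
    readers: principals permitted to read; writers: principals that have
    influenced the content so far."""
    owner: str
    readers: frozenset
    writers: frozenset

    def join(self, other: "Label") -> "Label":
        # Information flowing in can only shrink the reader set and grow the
        # writer set (assumed RWFM join); the owner is unchanged.
        return Label(self.owner, self.readers & other.readers, self.writers | other.writers)


def fresh_subject(name: str) -> Label:
    # Assumed initial subject label: has read nothing, so any principal may
    # read what it produces, and only it has written so far.
    return Label(name, PRINCIPALS, frozenset({name}))


def can_read(principal: str, obj: Label) -> bool:
    return principal in obj.readers


def read(subject: Label, obj: Label) -> Label:
    """Read with dynamic relabelling: denied unless subject is a reader of obj."""
    if not can_read(subject.owner, obj):
        raise PermissionError(f"{subject.owner} may not read data owned by {obj.owner}")
    return subject.join(obj)


def can_write(subject: Label, obj: Label) -> bool:
    # Assumed RWFM write rule: subject must be a writer of obj, obj's readers
    # must already be allowed to see everything the subject has read, and obj
    # must already record every writer that influenced the subject.
    return (
        subject.owner in obj.writers
        and obj.readers <= subject.readers
        and subject.writers <= obj.writers
    )


def run_wordcount(splits):
    """splits: list of (provider_label, text); split i is processed by mapper i+1.

    Returns (counts, labels): per-key counts and the label each count carries.
    """
    intermediate = defaultdict(list)  # word -> [(count, mapper label), ...]
    for i, (provider_label, text) in enumerate(splits):
        mapper = fresh_subject(f"mapper{i + 1}")
        mapper = read(mapper, provider_label)  # mapper's label now tracks the split's policy
        for word in text.split():
            intermediate[word].append((1, mapper))  # emitted records inherit mapper's label

    counts, labels = {}, {}
    for word, items in intermediate.items():
        # One reduce task per key: its label is the join of every record it reads.
        reducer = fresh_subject("reducer")
        for _, record_label in items:
            reducer = read(reducer, record_label)
        counts[word] = sum(c for c, _ in items)
        labels[word] = reducer  # output object carries the reducer's final label
    return counts, labels


# Constructed provider policies: each provider lets a different consumer read.
ALICE = Label("alice", frozenset({"alice", "mapper1", "reducer", "analyst"}), frozenset({"alice"}))
BOB = Label("bob", frozenset({"bob", "mapper2", "reducer", "auditor"}), frozenset({"bob"}))

# Constructed input records.
SPLITS = [(ALICE, "patient alpha stable"), (BOB, "patient beta critical")]


if __name__ == "__main__":
    counts, labels = run_wordcount(SPLITS)
    for word in sorted(counts):
        print(f"{word:9} count={counts[word]} readers={sorted(labels[word].readers)}")
```

The "patient" key is merged from both splits, so its count is readable by nobody outside the job (the two reader sets intersect only in the reducer), whereas "alpha" stays readable by Alice's analyst and "beta" by Bob's auditor. A mapper scheduled onto the wrong split is refused by the read check, and no reduce output can be written back into a provider's original object because the reducer is not among its writers.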
