MapReduce: A critical analysis of existing authentication methods

The use of MapReduce (MR) model has attracted much attention because of the reductions in the costs involved in satisfying the storage and computational demands. However, authentication methods proposed for such model is subjected with rooms for improvements. In the initial design and implementation of the MR model such as Hadoop, issues of security including authentication was not considered. It was assumed that the underlying system worked in a trustworthy environment, so MR developers did not provide authentication methods in the MR model. This assumption is still valid to some extent, whereas major IT players in the world, such as Facebook and Yahoo have implemented the MR model in their private clouds. However, recently there are efforts to provide the MR model in public clouds. Inadequate authentication methods for the MR model in such environment makes the job execution work-flow vulnerable to many attacks such as impersonation and spoofing attacks. So as part of our work to design a secure and effective authentication solution for the MR model, this paper examines and critically analyses the state-of-the-art in MR authentication methods against a general set of specified requirements. It is to identify limitations, weaknesses, and missing features in the proposed authentication methods for the MR model.

[1]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[2]  Paul Zikopoulos,et al.  Understanding Big Data: Analytics for Enterprise Class Hadoop and Streaming Data , 2011 .

[3]  Joseph Migga Kizza Cloud Computing and Related Security Issues , 2013 .

[4]  Andrew P. Martin,et al.  TMR: Towards a Trusted MapReduce Infrastructure , 2012, 2012 IEEE Eighth World Congress on Services.

[5]  Ning Zhang,et al.  MapReduce: MR Model Abstraction for Future Security Study , 2014, SIN.

[6]  Tom White,et al.  Hadoop: The Definitive Guide , 2009 .

[7]  Rui Zhang,et al.  A model of cloud data secure storage based on HDFS , 2013, 2013 IEEE/ACIS 12th International Conference on Computer and Information Science (ICIS).

[8]  Achim Streit,et al.  Enabling collaborative MapReduce on the Cloud with a single-sign-on mechanism , 2014, Computing.

[9]  Sanjay Ghemawat,et al.  MapReduce: Simplified Data Processing on Large Clusters , 2004, OSDI.

[10]  Ting Yu,et al.  SecureMR: A Service Integrity Assurance Framework for MapReduce , 2009, 2009 Annual Computer Security Applications Conference.

[11]  Chuck Lam,et al.  Hadoop in Action , 2010 .

[12]  S. Ranjitha Kumari,et al.  A Survey on Performance Analysis of DES , AES and RSA Algorithm along with LSB Substitution Technique , 2013 .

[13]  S. Rubika,et al.  A Novel Authentication Service for Hadoop in Cloud Environment , 2012, 2012 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM).

[14]  Ning Zhang,et al.  Security issues relating to inadequate authentication in MapReduce applications , 2013, 2013 International Conference on High Performance Computing & Simulation (HPCS).

[15]  V. S. Shankar Sriram,et al.  Authentication Service in Hadoop using One Time Pad , 2014 .

[16]  Jing Xiao,et al.  High-Integrity MapReduce Computation in Cloud with Speculative Execution , 2011 .