Towards a Virtual Domain Based Authentication on MapReduce

This paper has proposed a novel authentication solution for the MapReduce (MR) model, a new distributed and parallel computing paradigm commonly deployed to process Big Data by major IT players, such as Facebook and Yahoo. It identifies a set of security, performance, and scalability requirements that are specified from a comprehensive study of a job execution process using MR and security threats and attacks in this environment. Based on the requirements, it critically analyzes the state-of-the-art authentication solutions, discovering that the authentication services currently proposed for the MR model is not adequate. This paper then presents a novel layered authentication solution for the MR model and describes the core components of this solution, which includes the virtual domain based authentication framework (VDAF). These novel ideas are significant, because, first, the approach embeds the characteristics of MR-in-cloud deployments into security solution designs, and this will allow the MR model be delivered as a software as a service in a public cloud environment along with our proposed authentication solution; second, VDAF supports the authentication of every interactions by any MR components involved in a job execution flow, so long as the interactions are for accessing resources of the job; third, this continuous authentication service is provided in such a manner that the costs incurred in providing the authentication service should be as low as possible.

[1]  Ning Zhang,et al.  Security issues relating to inadequate authentication in MapReduce applications , 2013, 2013 International Conference on High Performance Computing & Simulation (HPCS).

[2]  Ting Yu,et al.  SecureMR: A Service Integrity Assurance Framework for MapReduce , 2009, 2009 Annual Computer Security Applications Conference.

[3]  Achim Streit,et al.  Enabling collaborative MapReduce on the Cloud with a single-sign-on mechanism , 2014, Computing.

[4]  Ning Zhang,et al.  MapReduce: MR Model Abstraction for Future Security Study , 2014, SIN.

[5]  Sanjay Ghemawat,et al.  MapReduce: Simplified Data Processing on Large Clusters , 2004, OSDI.

[6]  Andrew P. Martin,et al.  TMR: Towards a Trusted MapReduce Infrastructure , 2012, 2012 IEEE Eighth World Congress on Services.

[7]  Chuck Lam,et al.  Hadoop in Action , 2010 .

[8]  Rui Zhang,et al.  A model of cloud data secure storage based on HDFS , 2013, 2013 IEEE/ACIS 12th International Conference on Computer and Information Science (ICIS).

[9]  V. S. Shankar Sriram,et al.  Authentication Service in Hadoop using One Time Pad , 2014 .

[10]  Ning Zhang,et al.  MapReduce: A critical analysis of existing authentication methods , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[11]  Jing Xiao,et al.  High-Integrity MapReduce Computation in Cloud with Speculative Execution , 2011 .

[12]  Joseph Migga Kizza Cloud Computing and Related Security Issues , 2013 .

[13]  S. Ranjitha Kumari,et al.  A Survey on Performance Analysis of DES , AES and RSA Algorithm along with LSB Substitution Technique , 2013 .

[14]  S. Rubika,et al.  A Novel Authentication Service for Hadoop in Cloud Environment , 2012, 2012 IEEE International Conference on Cloud Computing in Emerging Markets (CCEM).

[15]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[16]  Paul Zikopoulos,et al.  Understanding Big Data: Analytics for Enterprise Class Hadoop and Streaming Data , 2011 .