Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Be...Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Because of that, the technology remained vulnerable to malicious activities of unauthorized users whose purpose is to endanger system functionalities or to compromise private user data. Researchers and developers are continuously trying to solve these issues by upgrading Hadoop’s security mechanisms and preventing undesirable malicious activities. In this paper, the most common HDFS security problems and a review of unauthorized access issues are presented. First, Hadoop mechanism and its main components are described as the introduction part of the leading research problem. Then, HDFS architecture is given, and all including components and functionalities are introduced. Further, all possible types of users are listed with an accent on unauthorized users, which are of great importance for the paper. One part of the research is dedicated to the consideration of Hadoop security levels, environment and user assessments. The review also includes an explanation of Log Monitoring and Audit features, and detail consideration of authorization and authentication issues. Possible consequences of unauthorized access to a system are covered, and a few recommendations for solving problems of unauthorized access are offered. Honeypot nodes, security mechanisms for collecting valuable information about malicious parties, are presented in the last part of the paper. Finally, the idea for developing a new type of Intrusion Detector, which will be based on using an artificial neural network, is presented. The detector will be an integral part of a new kind of virtual honeypot mechanism and represents the initial base for future scientific work of authors.展开更多
To resolve the problem of quantitative analysis in hybrid cloud,a quantitative analysis method,which is based on the security entropy,is proposed.Firstly,according to the information theory,the security entropy is put...To resolve the problem of quantitative analysis in hybrid cloud,a quantitative analysis method,which is based on the security entropy,is proposed.Firstly,according to the information theory,the security entropy is put forward to calculate the uncertainty of the system' s determinations on the irregular access behaviors.Secondly,based on the security entropy,security theorems of hybrid cloud are defined.Finally,typical access control models are analyzed by the method,the method's practicability is validated,and security and applicability of these models are compared.Simulation results prove that the proposed method is suitable for the security quantitative analysis of the access control model and evaluation to access control capability in hybrid cloud.展开更多
1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strat...1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strategies typically focus only on the unilateral access control of data requesters,potentially failing to prevent unauthorized individuals from maliciously publishing data.Additionally,existing key update schemes rely on trusted key generation center(KGC)and have significant performance limitations,which are not practical[3,4].展开更多
文摘Hadoop technology is followed by some security issues. At its beginnings, developers paid attention to the development of basic functionalities mostly, and proposal of security components was not of prime interest. Because of that, the technology remained vulnerable to malicious activities of unauthorized users whose purpose is to endanger system functionalities or to compromise private user data. Researchers and developers are continuously trying to solve these issues by upgrading Hadoop’s security mechanisms and preventing undesirable malicious activities. In this paper, the most common HDFS security problems and a review of unauthorized access issues are presented. First, Hadoop mechanism and its main components are described as the introduction part of the leading research problem. Then, HDFS architecture is given, and all including components and functionalities are introduced. Further, all possible types of users are listed with an accent on unauthorized users, which are of great importance for the paper. One part of the research is dedicated to the consideration of Hadoop security levels, environment and user assessments. The review also includes an explanation of Log Monitoring and Audit features, and detail consideration of authorization and authentication issues. Possible consequences of unauthorized access to a system are covered, and a few recommendations for solving problems of unauthorized access are offered. Honeypot nodes, security mechanisms for collecting valuable information about malicious parties, are presented in the last part of the paper. Finally, the idea for developing a new type of Intrusion Detector, which will be based on using an artificial neural network, is presented. The detector will be an integral part of a new kind of virtual honeypot mechanism and represents the initial base for future scientific work of authors.
基金Supported by the National Natural Science Foundation of China(No.60872041,61072066)Fundamental Research Funds for the Central Universities(JYI0000903001,JYI0000901034)
文摘To resolve the problem of quantitative analysis in hybrid cloud,a quantitative analysis method,which is based on the security entropy,is proposed.Firstly,according to the information theory,the security entropy is put forward to calculate the uncertainty of the system' s determinations on the irregular access behaviors.Secondly,based on the security entropy,security theorems of hybrid cloud are defined.Finally,typical access control models are analyzed by the method,the method's practicability is validated,and security and applicability of these models are compared.Simulation results prove that the proposed method is suitable for the security quantitative analysis of the access control model and evaluation to access control capability in hybrid cloud.
基金supported by the National Key R&D Projects(No.2021YFB00900)the National Natural Science Foundation of China(Grant Nos.U20A20174,U22B2062,62302230,62202051,62372068,62302229,and 62302162)the China Postdoctoral Science Foundation(Nos.2021M700435,2024M751480).
文摘1 Introduction Access control and key update are crucial for secure data sharing.Currently,many access control strategies have been proposed to address unauthorized access and privacy breaches[1,2].However,these strategies typically focus only on the unilateral access control of data requesters,potentially failing to prevent unauthorized individuals from maliciously publishing data.Additionally,existing key update schemes rely on trusted key generation center(KGC)and have significant performance limitations,which are not practical[3,4].
