Visible to the public Biblio

Filters: Author is Peng Ning  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Y
Yu Xianqing, Peng Ning, Mladen A. Vouk.  2015.  Enhancing security of Hadoop in a public cloud. 6th International Conference Information and Communication Systems (ICICS). :pp.38–43.

Hadoop has become increasingly popular as it rapidly processes data in parallel. Cloud computing gives reli- ability, flexibility, scalability, elasticity and cost saving to cloud users. Deploying Hadoop in cloud can benefit Hadoop users. Our evaluation exhibits that various internal cloud attacks can bypass current Hadoop security mechanisms, and compromised Hadoop components can be used to threaten overall Hadoop. It is urgent to improve compromise resilience, Hadoop can maintain a relative high security level when parts of Hadoop are compromised. Hadoop has two vulnerabilities that can dramatically impact its resilience. The vulnerabilities are the overloaded authentication key, and the lack of fine-grained access control at the data access level. We developed a security enhancement for a public cloud-based Hadoop, named SEHadoop, to improve the compromise resilience through enhancing isolation among Hadoop components and enforcing least access privilege for Hadoop processes. We have implemented the SEHadoop model, and demonstrated that SEHadoop fixes the above vulnerabilities with minimal or no run-time overhead, and effectively resists related attacks.

X
Xianqing Yu, Peng Ning, Mladen A. Vouk.  2014.  Securing Hadoop in cloud. HotSoS 2014 Symposium and Bootcamp on the Science of Security. :ArticleNo.26.

Hadoop is a map-reduce implementation that rapidly processes data in parallel. Cloud provides reliability, flexibility, scalability, elasticity and cost saving to customers. Moving Hadoop into Cloud can be beneficial to Hadoop users. However, Hadoop has two vulnerabilities that can dramatically impact its security in a Cloud. The vulnerabilities are its overloaded authentication key, and the lack of fine-grained access control at the data access level. We propose and develop a security enhancement for Cloud-based Hadoop.