Skip to main content

Advertisement

Springer Nature Link
Log in

Big Data Management System Security Threat Model

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract—

The article considers the concept and features of Big Data management systems and their differences from traditional DBMS’s. The authors describe changes in the intruder model and new vulnerabilities in data management systems. A new threat model is developed. The article presents new problems of information security in a distributed Big Data processing and storage system.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
€32.70 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (France)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

Similar content being viewed by others

REFERENCES

  1. Siddiqa, A., Hashem, I., Yaqoob, I., Marjani, M., Shamshirband, S., Gani, A., and Nasaruddin, F., A survey of big data management: Taxonomy and state-of-the-art, J. Network Comput. Appl., 2016, vol. 71, pp. 151–166. https://doi.org/10.1016/j.jnca.2016.04.008

    Article  Google Scholar 

  2. Hinke, T.H., DBMS technology vs. threats, in Database Security: Status and Prospects, Amsterdam: North-Holland Publishing Co., 1988.

    Google Scholar 

  3. Qiu, M. and Davis, S., Database security mechanisms and implementation, Issues Inf. Syst., 2002, vol. 3, pp. 529–534.

    Google Scholar 

  4. Lesov, P., Database Security: A Historical Perspectiv, CoRR abs/1004.4022, 2010. http://arxiv.org/ftp/arxiv/ papers/1004/1004.4022.pdf.

  5. Schaefer, M., State of the art and trends in trusted DBMS, in Sicherheitsaspekte in der Informationstechnik, Braunschweig: Vieweg+Teubner Verlag, 1991, pp. 119–143. https://doi.org/10.1007/978-3-322-83911-4

    Google Scholar 

  6. Ghorbanzadeh, P., Shaddeli, A., Malekzadeh, R., and Jahanbakhsh, Z., A survey of mobile database security threats and solutions for it, The 3rd International Conference on Information Sciences and Interaction Sciences, Chengdu, 2010, pp. 676–682. https://doi.org/10.1109/ICICIS.2010.5534685

  7. Khanuja, H.K. and Adane, D.S., Database security threats and challenges in database forensic: A survey, 2011 International Conference on Advancements in Information Technology, 2011, vol. 20, pp. 1–6.

  8. Zaman, F. and Raza, B., Self-protection against insider threats in DBMS through policies implementation, Int. J. Adv. Comput. Sci. Appl., 2017, vol. 8, no. 3, pp. 239–240.

    Google Scholar 

  9. Sallam, A. and Bertino, E., Detection of temporal insider threats to relational databases, 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), San Jose, CA, 2017, pp. 406–415. https://doi.org/10.1109/CIC.2017.00058

  10. Rohilla, S. and Mittal, P.K., Database security: Threads and challenges, Int. J. Adv. Res. Comput. Sci. Software Eng., 2013, vol. 3, no. 5, pp. 810–813.

    Google Scholar 

  11. Polyakov, A.M., Bezopasnost’ Oracle glazami auditora: Napadenie i zashchita (Oracle Security through Auditor’s Eyes: Attack and Defense), Moscow: DMK-Press, 2014.

  12. Smirnov, S.N., Bezopasnost’ sistem baz dannykh (Database System Security), Moscow: Gelios ARV, 2007.

  13. Utebov, D.R. and Belov, S.V., Classification of threats in database management systems, Vestn. Astrakh. Gos. Tekh. Univ., 2008, no. 1, pp. 87–92.

  14. Semenov, N.A. and Poltavtsev, A.A., The security organization of data architectures based on cloud systems, Probl. Inf. Bezop., Komp’yut. Sist., 2018, no. 4, pp. 33–43.

  15. Kuznetsov, S.D. and Poskonin, A.V., NoSQL data management systems, Program. Comput. Software, 2014, vol. 40, no. 6, pp. 323–332.

    Article  Google Scholar 

  16. Poltavtseva, M.A., Modeling of big data management systems in information security, Probl. Inf. Bezop., Komp’yut. Sist., 2019, no. 1, pp. 69–78.

  17. Khan, N. and Al-Yasiri, A., Identifying cloud security threats to strengthen cloud computing, Adoption Framework Procedia Comput. Sci., 2016, vol. 94, pp. 485–490. https://doi.org/10.1016/j.procs.2016.08.075

    Article  Google Scholar 

  18. Big Data Working Group Guidance. Cloud Security Alliance. 2016. https://cloudsecurityalliance.org/ group/big-data/. Accessed February 26, 2016.

  19. Khan, S. and Ukey, E., Secure distributed big data storage using cloud computing, IOSR J. Comput. Eng., 2017, vol. 19, no. 4, pp. 8–12.

    Article  Google Scholar 

  20. Mehmood, A., Natgunanathan, I., Xiang, Y., Hua, G., and Guo, S., Protection of Big Data privacy, IEEE Access, 2016, vol. 4, pp. 1821–1834.

    Article  Google Scholar 

  21. Alshboul, Y., Wang, Y., and Nepali, R.K., Big Data lifecycle: Threats and security model, Proceedings of the 21st Americas Conference on Information Systems (AMCIS 2015), 2015, Fajardo, 2015, pp. 1–7.

  22. Kiran, M., Murphy, P., Monga, I., Dugan, J., and Baveja, S., Lambda architecture for cost-effective batch and speed big data processing, 2015 IEEE International Conference on Big Data (Big Data), Santa Clara, CA, 2015, pp. 2785–2792. https://doi.org/10.1109/BigData.2015.7364082

  23. Sinaeepourfard, A., Krogstie, J., and Petersen, S.A., A Big Data management architecture for smart cities based on fog-to-cloud data management architecture, Proceedings of the 4th Norwegian Big Data Symposium (NOBIDS 2018), Trondheim, 2018.

  24. Rouf, Y., Shtern, M., Fokaefs, M., and Litoiu, M., A hierarchical architecture for distributed security control of large scale systems, ICSE-C’17 Proceedings of the 39th International Conference on Software Engineering Companion, Buenos Aires, 2017, pp. 118–120.

  25. Sadalage, P.J. and Fowler, M., NoSQL Distilled: A Brief Guide to the Emerging World of Polyglot Persistence, Addison-Wesley, 2012.

    Google Scholar 

  26. Kotenko, I., Saenko, I., and Branitskiy, A., Framework for mobile Internet of Things security monitoring based on Big Data processing and machine learning, IEEE Access, 2018, vol. 6. https://doi.org/10.1109/ACCESS.2018.2881998

    Article  Google Scholar 

  27. Poltavtseva, M.A. and Shterenberg, S.I., A distributed intrusion detection system with protection from an internal intruder, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 945–953.

    Article  Google Scholar 

  28. Poltavtseva, M.A. and Khabarov, A.R., Database security: Problems and prospects, Program. Prod. Sist., 2016, no. 3-1, pp. 36–41.

  29. Kuznetsov, D., Bazy dannykh: Yazyki i modeli (Databases: Languages and Models), Moscow: Binom, 2008.

  30. Markov, A.S. and Fadin, A.A., Systematics of vulnerabilities and security defects of software resources, Zashch. Inf., INSIDE, 2013, no. 3, pp. 2–7.

  31. Jardin, D.A., The ANSI/SPARC DBMS Model, Montreal: North-Holland Pub. Co., 1977.

    Google Scholar 

Download references

Funding

The reported study was funded by RFBR according to the research project no. 18-29-03102.

Author information

Authors and Affiliations

  1. St. Petersburg Polytechnic University, 195251, St. Petersburg, Russia

    M. A. Poltavtseva, D. P. Zegzhda & M. O. Kalinin

Authors
  1. M. A. Poltavtseva
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. D. P. Zegzhda
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. M. O. Kalinin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to M. A. Poltavtseva, D. P. Zegzhda or M. O. Kalinin.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by O. Pismenov

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Poltavtseva, M.A., Zegzhda, D.P. & Kalinin, M.O. Big Data Management System Security Threat Model. Aut. Control Comp. Sci. 53, 903–913 (2019). https://doi.org/10.3103/S0146411619080261

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411619080261

Keywords:

Search

Navigation