Proceedings of the Institute for System Programming of the RAS
RUS  ENG    JOURNALS   PEOPLE   ORGANISATIONS   CONFERENCES   SEMINARS   VIDEO LIBRARY   PACKAGE AMSBIB  
General information
Latest issue
Archive

Search papers
Search references

RSS
Latest issue
Current issues
Archive issues
What is RSS



Proceedings of ISP RAS:
Year:
Volume:
Issue:
Page:
Find






Personal entry:
Login:
Password:
Save password
Enter
Forgotten password?
Register


Proceedings of the Institute for System Programming of the RAS, 2023, Volume 35, Issue 4, Pages 93–108
DOI: https://doi.org/10.15514/ISPRAS-2023-35(4)-4
(Mi tisp802)
 

This article is cited in 1 scientific paper (total in 1 paper)

Access control system analysis in heterogeneous big data management systems

M. A. Poltavtseva, M. O. Kalinin

Peter the Great St. Petersburg Polytechnic University
Abstract: Big data management systems are in demand today in practically all industries, and they are also the foundation for artificial intelligence training. The use of heterogeneous poly-stores in big data systems has led to the fact that tools within the same system have different data granularity and access control models. Harmonization of such components by the security administrator and implementation of common access-policy is now done manually. This leads to an increasing number of customization vulnerabilities, which in turn serves as a frequent cause of data leaks. Analysis of works in the area of automation and analysis of access control in big data systems shows the lack of automation solutions for poly-store based systems. This paper poses the problem of automating the analysis of access control analysis in big data management systems. The authors formulate the main contradiction, which consists, on the one hand, in the requirement of scalability and flexibility of access control, and on the other hand - in the growth of the burden on the security administrator, aggravated by the use of different data models and access control in the system components. To solve this problem, we propose a new automated method for analyzing security policies based on a graph model of data processing, which reduces the number of possible vulnerabilities resulting from incorrect administration of big data systems. The proposed method uses the data life cycle model of the system, current settings and the desired security policy. The use of two-pass analysis (from data sources to recipients and back) allows to solve two tasks: analyzing the access control system for possible vulnerabilities and checking compliance with correctness of business logic. The paper gives an example of analysis of security policies of the big data management system using the developed software prototype and analyzes the obtained results.
Keywords: information security, big data, polystore, poly-databases, access control, data life cycle, data processing modeling, security policy
Document Type: Article
Language: Russian
Citation: M. A. Poltavtseva, M. O. Kalinin, “Access control system analysis in heterogeneous big data management systems”, Proceedings of ISP RAS, 35:4 (2023), 93–108
Citation in format AMSBIB
\Bibitem{PolKal23}
\by M.~A.~Poltavtseva, M.~O.~Kalinin
\paper Access control system analysis in heterogeneous big data management systems
\jour Proceedings of ISP RAS
\yr 2023
\vol 35
\issue 4
\pages 93--108
\mathnet{http://mi.mathnet.ru/tisp802}
\crossref{https://doi.org/10.15514/ISPRAS-2023-35(4)-4}
Linking options:
  • https://www.mathnet.ru/eng/tisp802
  • https://www.mathnet.ru/eng/tisp/v35/i4/p93
  • This publication is cited in the following 1 articles:
    Citing articles in Google Scholar: Russian citations, English citations
    Related articles in Google Scholar: Russian articles, English articles
    Proceedings of the Institute for System Programming of the RAS
    Statistics & downloads:
    Abstract page:42
    Full-text PDF :13
     
      Contact us:
     Terms of Use  Registration to the website  Logotypes © Steklov Mathematical Institute RAS, 2024