计算机工程与应用 ›› 2019, Vol. 55 ›› Issue (23): 70-77.DOI: 10.3778/j.issn.1002-8331.1808-0345

• 大数据与云计算 • 上一篇    下一篇

基于数据敏感性的大数据访问控制模型研究

王静宇,栾俊清,谭跃生   

  1. 内蒙古科技大学 信息工程学院,内蒙古 包头 014010
  • 出版日期:2019-12-01 发布日期:2019-12-11

Research on Big Data Access Control Model Based on Data Sensitivity

WANG Jingyu, LUAN Junqing, TAN Yuesheng   

  1. School of Information Engineering, Inner Mongolia University of Science & Technology, Baotou, Inner Mongolia 014010, China
  • Online:2019-12-01 Published:2019-12-11

摘要: 最近大数据的增长正在引发安全和隐私问题,传统的访问控制模型难以对海量数据提供动态的访问控制。针对Hadoop云平台的数据安全问题,提出了一个基于数据敏感性的Hadoop大数据访问控制模型。模型利用数据内容、使用模式和数据敏感性来强化访问控制策略,在评估数据敏感性上用户干预最小,能根据数据集的增加和删除所引起的数据敏感性变化来调整访问控制策略。实验结果表明,该模型能够以较少的开销增强对非多媒体数据集的访问控制,解决了现有Hadoop平台中访问控制模型安全性的不足。

关键词: 大数据, Hadoop, 访问控制, 隐私保护

Abstract: Recent growth in big-data is raising security and privacy concerns. Traditional access control models cannot provide dynamic access control to massive data. In view of the data security problem of Hadoop platform, a content sensitivity based access control model is proposed. The model enhances access control policies by harnessing the data context, usage patterns, and data sensitivity. The proposed model evaluates data sensitivity with minimal user intervention and adjusts access control strategies based on changes in data sensitivity caused by data set additions and deletions. Experimental results show that the proposed model is capable of enforcing access control policies on non-multimedia data sets with minimal overhead and overcomes the disadvantage on lacking of security about existing access control model in Hadoop platform.

Key words: big data, Hadoop, access control, privacy protection