trademark
2c2kIhh
2c2kIhh
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Table of Contents<br />
Acknowledgements<br />
Introduction<br />
1.0 Secure Computations in Distributed<br />
Programming Frameworks<br />
1.1 Establish initial trust<br />
1.1.1 Why? | 1.1.2 How?<br />
1.2 Ensure conformance with pre<br />
defined security policies<br />
1.2.1 Why? | 1.2.2 How?<br />
1.3 De-identify data<br />
1.3.1 Why? | 1.3.2 How?<br />
1.4 Authorize access to files with<br />
predefined security policy<br />
1.4.1 Why? | 1.4.2 How?<br />
1.5 Ensure that untrusted code does<br />
not leak information via system<br />
resources<br />
1.5.1 Why? | 1.5.2 How?<br />
1.6 Prevent information leakage<br />
through output<br />
1.6.1 Why? | 1.6.2 How?<br />
1.7 Maintain worker nodes<br />
1.7.1 Why? | 1.7.2 How?<br />
1.8 Detect fake nodes<br />
1.8.1 Why? | 1.8.2 How?<br />
1.9 Protect mappers<br />
1.9.1 Why? | 1.9.2 How?<br />
1.10 Check for altered copies of data<br />
1.10.1 Why? | 1.10.2 How?<br />
2.0 Security Best Practices for Non-<br />
Relational Data Stores<br />
2.1 Protect passwords<br />
2.1.1 Why? | 2.1.2 How?<br />
2.2 Safeguard data by data<br />
encryption while at rest<br />
2.2.1 Why? | 2.2.2 How?<br />
2.3 Use transport layer security<br />
(TLS) to establish connections<br />
and communication<br />
2.3.1 Why? | 2.3.2 How?<br />
2.4 Provide support for pluggable<br />
authentication modules<br />
2.4.1 Why? | 2.4.2 How?<br />
2.5 Implement appropriate logging<br />
mechanisms<br />
2.5.1 Why? | 2.5.2 How?<br />
2.6 Apply fuzzing methods for<br />
security testing<br />
2.6.1 Why? | 2.6.2 How?<br />
2.7 Ensure appropriate data-tagging<br />
techniques<br />
2.7.1 Why? | 2.7.2 How?<br />
2.8 Control communication across<br />
cluster<br />
2.8.1 Why? | 2.8.2 How?<br />
2.9 Ensure data replication<br />
consistency<br />
2.9.1 Why? | 2.9.2 How?<br />
2.10 Utilize middleware layer for<br />
security to encapsulate underlying<br />
NoSQL stratum<br />
2.10.1 Why? | 2.10.2 How?<br />
3.0 Secure Data Storage and<br />
Transactions Logs<br />
3.1 Implement exchange of signed<br />
message digests<br />
CLOUD SECURITY ALLIANCE Big Data Working Group Guidance<br />
© Copyright 2016, Cloud Security Alliance. All rights reserved.<br />
3