trademark
2c2kIhh
2c2kIhh
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
1.0<br />
Secure Computations in Distributed<br />
Programming Frameworks<br />
In distributed programming frameworks such as Apache Hadoop, it is important to ensure<br />
trustworthiness of mapper and secure data in spite of untrusted mappers. Also, it is necessary<br />
to prevent information leakage from mapper output. Hence, the following guidelines should<br />
be followed to ensure secure computations in distributed programming frameworks.<br />
1.1 Establish initial trust<br />
1.1.1 Why?<br />
To ensure trustworthiness of mappers.<br />
1.1.2 How?<br />
Establish initial trust by making master authenticate worker using Kerberos authentication<br />
or equivalent when worker sends connection request to master. The authentication<br />
should be mutual to ensure authenticity of masters. Besides authentication, use of integrity<br />
measurement mechanisms, i.e. one using Trusted Platform Module (TPM), should be<br />
considered.<br />
1.2 Ensure conformance with predefined<br />
security policies<br />
1.2.1 Why?<br />
To achieve a high level of security in computations.<br />
1.2.2 How?<br />
Periodically check security properties of each worker. For example, the master nodes<br />
Hadoop-policy.xml should check for a match with the worker nodes security policy.<br />
CLOUD SECURITY ALLIANCE Big Data Working Group Guidance<br />
© Copyright 2016, Cloud Security Alliance. All rights reserved.<br />
9