TPM-Based Authentication Mechanism for Apache Hadoop
@inproceedings{Khalil2014TPMBasedAM, title={TPM-Based Authentication Mechanism for Apache Hadoop}, author={Issa M. Khalil and Zuochao Dou and Abdallah Khreishah}, booktitle={SecureComm}, year={2014} }
Hadoop is an open source distributed system for data storage and parallel computations that is widely used. It is essential to ensure the security, authenticity, and integrity of all Hadoop’s entities. The current secure implementations of Hadoop rely on Kerberos, which suffers from many security and performance issues including single point of failure, online availability requirement, and concentration of authentication credentials. Most importantly, these solutions do not guard against…
14 Citations
Robust Insider Attacks Countermeasure for Hadoop: Design and Implementation
- Computer ScienceIEEE Systems Journal
- 2018
This paper proposes an authentication framework for Hadoop that utilizes trusted platform module technology and formally proved the correctness and the security guarantees of the protocol via Burrows–Abadi–Needham logic.
Data Authorization in Hadoop using Kerberos Authentication System and Transport Layer Security
- Computer Science
- 2020
Kerberos authentication system along with Transport Layer Security (TLS) encryption was proposed to protect the stored data in HDFS from replay and attacks and the experimental result showed the efficiency and effectiveness.
Mitigation of Insider Attacks for Data Security in Distributed Computing Environments
- Computer Science
- 2017
The problem of mitigating insider attacks is extensively investigated and several static and dynamic run-time techniques are developed that target detection of insider attacks that exploit data and infrastructure.
Multiprotocol Authentication Device for HPC and Cloud Environments Based on Elliptic Curve Cryptography
- Computer Science
- 2020
The proposed electronic token (eToken), based on the system-on-chip ESP32, provides an extra layer of security based on elliptic curve cryptography that facilitates its integration in High-Performance Computing (HPC) and cloud systems, through a generic gateway.
A System Architecture for the Detection of Insider Attacks in Big Data Systems
- Computer ScienceIEEE Transactions on Dependable and Secure Computing
- 2018
This work proposes a new system architecture in which insider attacks can be detected by utilizing the replication of data on various nodes in the system by using a two-step attack detection algorithm and a secure communication protocol.
CLAS: A Novel Communications Latency Based Authentication Scheme
- Computer ScienceSecur. Commun. Networks
- 2017
CLAS restricts login to profiled locations while demanding additional information for nonprofiled ones, which highly reduces the attack surface even when the legitimate credentials are compromised, and is resilient to phishing, pharming, man-in-the-middle, and social engineering attacks.
TASMR: Towards advanced secure mapreduc framework across untrusted hybrid clouds
- Computer Science2017 3rd International Conference of Cloud Computing Technologies and Applications (CloudTech)
- 2017
A novel architecture to secure MapReduce computation upon the aforementioned challenges in a hybrid clouds is proposed that overcomes the flaws of the state-of-the-art proposed solutions, but also provides remarkable security guarantees that guard against insider and outsider threats.
A New HDFS Key Management Mechanism Based on Multi-level Hash Keychain
- Computer ScienceICBDR 2018
- 2018
The results show that the multi-level hash keychain mechanism can effectively improve the security and efficiency of HDFS authentication.
Research on the Application of Transparent Encryption in Distributed File System HDFS
- Computer Science2020 19th International Symposium on Distributed Computing and Applications for Business Engineering and Science (DCABES)
- 2020
Research shows that HDFS transparent encryption technology has the advantages of high performance, transparent application and easy deployment, but there are still potential security problems in the application process.
A Novel and Robust Authentication Factor Based on Network Communications Latency
- Computer ScienceIEEE Systems Journal
- 2018
This work shows howinline-formula can be used to uniquely and securely identify login locations and hence can support location-based web authentication mechanisms and designs a two-factor authentication scheme (dubbed AMAN) that uses legacy passwords as a first factor andtex-math notation="LaTeX" as a second authentication factor.
References
SHOWING 1-10 OF 14 REFERENCES
SECOS : Key Management for Scalable and Energy Efficient Crypto On Sensors
- Computer Science
- 2003
A protocol called SECOS is proposed that mitigates problems of weak security guarantees if some nodes are compromised, lack of scalability, high energy overhead for key management and increased end-to-end data latency and enhances the survivability of the network by handling failures of control nodes.
Implementation of a Trusted Ticket System
- Computer ScienceSEC
- 2009
This work uses the Trusted Platform Module to demonstrate how this technology can be used in the context of Kerberos for an implementation variant of Identity Management.
Towards Trusted Cloud Computing
- Computer ScienceHotCloud
- 2009
The design of a trusted cloud computing platform (TCCP) is proposed, which enables Infrastructure as a Service (IaaS) providers such as Amazon EC2 to provide a closed box execution environment that guarantees confidential execution of guest virtual machines.
THE HADOOP DISTRIBUTED FILE SYSTEM: BALANCING PORTABILTY
- Computer Science
- 2013
This paper focuses on how the replicas are managed in HDFS for providing high availability of data under extreme computational requirement and possible failure that will affect the Hadoop cluster.
The Hadoop Distributed File System
- Computer Science2010 IEEE 26th Symposium on Mass Storage Systems and Technologies (MSST)
- 2010
The architecture of HDFS is described and experience using HDFS to manage 25 petabytes of enterprise data at Yahoo! is reported on.
Efficient wireless reprogramming through reduced bandwidth usage and opportunistic sleeping
- Computer ScienceAd Hoc Networks
- 2009
Sustainable GPU Computing at Scale
- Computer Science2011 14th IEEE International Conference on Computational Science and Engineering
- 2011
The results show that assuming three times slowdown of the statistical multiplexing layer, for an application using 1024 processors with 35\% checkpoint overhead, the two-tier framework will produce sustained time and energy savings for MTBF less than 6 hours.
A novel composite model approach to improve software quality prediction
- Computer ScienceInf. Softw. Technol.
- 2010
TMR: Towards a Trusted MapReduce Infrastructure
- Computer Science2012 IEEE Eighth World Congress on Services
- 2012
This paper proposes a Trusted MapReduce (TMR) framework that effectively uses remote attestations to achieve efficient and deterministic integrity verification and proposes a split and parallel attestation schema to reduce latency and eliminate scalability limitations when employing the Trusted Computing mechanisms.