Abstract
Big Data is becoming a prominent trend in our society. Ever larger amounts of data, including sensitive and personal information, are being loaded into NoSQL and other Big Data technologies for analysis and processing. However, current security approaches do not take into account the special characteristics of these technologies, leaving sensitive and personal data unprotected, thereby risking severe monetary losses and brand damage. In this paper, we focus on assuring document databases, proposing a framework that considers three stages: (1) The source data set is analysed by using Natural Language Processing techniques and ontological resources, in order to detect sensitive data. (2) We define a metamodel for document databases that allows designers to specify both structural and security aspects. (3) This model is automatically implemented into a specific document database tool, MongoDB. Finally, we apply the proposed framework to a case study with a data set from the medical domain. The great advantages of our framework are that: (1) the effort required to secure the data is reduced, as part of the process is automated, (2) it can be easily applied to other NoSQL technologies by adapting the metamodel and transformations, and (3) it is aligned with existing standards, thus facilitating the application of recommendations and best practices.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
http://wordnetweb.princeton.edu/perl/webwn (visited on April, 2018).
References
Andrew, F., Arthur, A.: UCI machine learning repository. http://archive.ics.uci.edu/ml. irvine, ca: University of california. School of Information and Computer Science, 213 (2010)
Hou, S., Huang, X., Liu, J.K., Li, J., Xu, L.: Universal designated verifier transitive signatures for graph-based big data. Inf. Sci. 318, 144–156 (2015)
Jurjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2004)
Kshetri, N.: Big data’s impact on privacy, security and consumer welfare. Telecommun. Policy 38(11), 1134–1145 (2014)
La Fuente, G.: The big data security challenge. Netw. Secur. 1, 12–14 (2015)
Michael, K., Miller, K.: Big data: new opportunities and new challenges [guest editors’ introduction]. Computer 46(6), 22–24 (2013)
NIST: Big Data Interoperability Fremework, Security and Privacy. Big Data Public Working Group, vol. 4 (2017)
Okman, L., Gal-Oz, N., Gonen, Y., Gudes, E., Abramov, J.: Security issues in NoSQL databases. In: Proceedings of 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (2011)
RENCI/NCDS. Security and privacy in the era of big data. White paper (2014). http://www.renci.org/wp-content/uploads/2014/02/0313WhitePaper-iRODS.pdf
Saraladevi, B., Pazhaniraja, N., Paul, P., Basha, M.S., Dhavachelvan, P.: Big data and hadoop-a study in security perspective. Procedia Comput. Sci. 50, 596–601 (2015)
Thuraisingham, B.: Big data security and privacy. In: 5th ACM Conference on Data and Application Security and Privacy, pp. 279–280. ACM (2015)
Toshniwal, R., Dastidar, K., Nath, A.: Big data security issues and challenges. Int. J. Innov. Res. Adv. Eng. (IJIRAE) 2(2), 15–20 (2015)
Wei, G., Shao, J., Xiang, Y., Zhu, P., Lu, R.: Obtain confidentiality or/and authenticity in big data by ID-based generalized signcryption. Inf. Sci. 318, 111–122 (2015)
Yan, S.R., Zheng, X.L., Wang, Y., Song, W.W., Zhang, W.Y.: A graph-based comprehensive reputation model: exploiting the social context of opinions to enhance trust in social commerce. Inf. Sci. 318, 51–72 (2015)
Acknowledgments
This work has been developed within the SEQUOIA Project, funded by Fondo Europeo de Desarrollo Regional FEDER and Ministerio de Economía y Competitividad, (TIN2015-63502-C3-1-R) (MINECO/FEDER).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Blanco, C., García-Saiz, D., Peral, J., Maté, A., Oliver, A., Fernández-Medina, E. (2018). How the Conceptual Modelling Improves the Security on Document Databases. In: Trujillo, J., et al. Conceptual Modeling. ER 2018. Lecture Notes in Computer Science(), vol 11157. Springer, Cham. https://doi.org/10.1007/978-3-030-00847-5_36
Download citation
DOI: https://doi.org/10.1007/978-3-030-00847-5_36
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00846-8
Online ISBN: 978-3-030-00847-5
eBook Packages: Computer ScienceComputer Science (R0)