Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Native Big Data Deployments Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud + Principal, nControl, LLC Adjunct Professor.

Published byBrittney Horn Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Native Big Data Deployments Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud + Principal, nControl, LLC Adjunct Professor."— Presentation transcript:

1 Securing Native Big Data Deployments Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud + Principal, nControl, LLC Adjunct Professor

2 Presentation Overview – Why Should You Care? – Big Data Overview – Securing Native Big Data Deployments Securing Big Data

3 Why Should You Care – Organizational Cost Reduction Requirements Justify Investments Improve Efficiencies (Productivity, Time to Market) – Digital Information – 60%~ Annual Growth Rate (AGR) – Data Storage – 15-20% AGR Capital Expense (CapEx) – Categorization, Classification & Retention Magnify Compliance, Legal & Privacy Regulations – Prevalent & Interconnected Business Ecosystems Supply Chains Business Process Outsourcers (BPO) Information Technology Outsourcers (ITO) Vendor’s Vendors Source: IDC Securing Big Data

4 Source: Flickr

5 Securing Big Data Big Data Overview – Aggregated Data from the Following Sources Traditional Sensory Social

6 Securing Big Data Traditional Data – Database Management Systems Relational Database Management Systems (RDBMS) Object-Oriented Database Management Systems (OODBMS) Non-Relational, Distributed DB Management Systems (NRDBMS) Mobile Databases (SQLite, Oracle Lite) – Online Transaction Processing (OLTP) Real-Time Data Warehousing – Online Analytical Processing (OLAP) Operational Data Stores (ODS) Enterprise Data Warehouses (EDW)

7 Securing Big Data Traditional Data – OLAP Business Intelligence (BI) – Data Mining – Reporting – OLAP (Continued) » Relational OLAP (ROLAP) » Multi-Dimensional OLAP (MOLAP) » Hybrid OLAP (HOLAP) OLTP  ODS  EDW (Data Marts)  BI (Data Mining) OLTP  ODS  EDW (Data Marts)  BI (Reporting) OLTP  ODS  EDW (Data Marts)  BI (OLAP)

8 Securing Big Data Source Data – Log Files Event Logs / Operating System (OS) - Level Appliance / Peripherals Analyzers / Sniffers – Multimedia Image Logs Video Logs – Web Content Management (WCM) Web Logs Search Engine Optimization (SEO) – Web Metadata

9

10 OpenStack User Interface (Horizon) Object Store (Swift) Image Store (Glance) Compute (Nova) Block Storage (Cinder) Network Services (Neutron) Key Service (Barbican) Trusted Compute Pools (Extended with Geo Tagging) Trusted Compute Pools (Extended with Geo Tagging) OVF Meta-Data Import Intel® DPDK vSwitch Enhanced Platform Awareness Erasure Code Expose Enhancements Filter Scheduler Monitoring/Metering (Ceilometer) Object Storage Policy Key Encryption & Management Advanced Services in VMs Intelligent Workload Scheduling Metrics 10 VPN-as-a-Service (with Intel® QuickAssist Technology) Web Messaging (Zaqar) Messaging (Oslo)

11 Securing Big Data Big Data Overview – Aggregators Mostly NRDBMS Implemtations – Not only – Structured Query Language (NoSQL) NRDBMS Examples – Column Family Stores: BigTable (Google), Cassandra & HBase (Apache) – Key-Values Stores: App Engine DataStore (Google) & DynamoDB – Document Databases: CouchDB, MongoDB – Graph Databases: Neo4J

12 Securing Big Data Big Data Overview – Serial Processing Hadoop – Hadoop Distributed File System (HDFS) – Hive – DW – Pig – Querying Language Riak – Parallel Processing HadoopDB – Analytics Google MapReduce Apache MapReduce Splunk (for Security Information / Event Management [SIEM])

13 Securing Big Data

14

15

16

17

18 Source: Cloudera

19 Source: Wikispaces

20 Source: Google

21 Source: Cloudera

22 Source: Flickr

23 Securing Big Data Securing Cloud-Based NRDBMS Solutions – General Focus on Application / Middleware-Level Security – Single Sign-on (SSO) – SQL Injections Are Still Possible – Leverage Application IAM for NRDBMS User Rights Mgmt (URM) – Leverage Application & System Logging for Accounting Segregation of Duties – Read / Write Namespaces – Read-Only Namespaces – Specific Cryptography & Obfuscation – Homomorphic Encryption – Stateless Tokenization

24 SSO Standards & Categories: – Network: LDAP, Kerberos, RADIUS, RDBMS – e.g., OpenLDAP, AD, Tivoli Access Manager – Federated: SAML, OpenID, OAuth, WS-Federated, XACML – e.g., Keycloak, PingFederate, ADFS, RSA Federated SSO: Good, Bad & Ugly

25 Source: Microsoft

26 SSO: Good, Bad & Ugly Source: OASIS

27 SSO: Good, Bad & Ugly Source: OASIS

28 Source: Apache

29

30

31

32 Securing Big Data

33

34

35

36 + =

37

38

39

40

41

42

43

44 Presentation Take-Aways – Big Data is Here to Stay – It Has to be Secure – Segregation of Data – Access Controls – Separation / Segregation of Duties – Federated Identities – Logging – Crypto v2.0 – Homomorphic Encryption – Stateless Tokenization Securing Big Data

45 Questions? Contact – Email: steve@ncontrol-llc.com – Twitter: markes1 – LI: http://www.linkedin.com/in/smarkey

Download ppt "Securing Native Big Data Deployments Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, Cloud + Principal, nControl, LLC Adjunct Professor."

Similar presentations

Big Data Training Course for IT Professionals Name of course : Big Data Developer Course Duration : 3 days full time including practical sessions Dates.

Big Data Training Course for IT Professionals Name of course : Big Data Developer Course Duration : 3 days full time including practical sessions Dates.
1 1 Apache Hadoop and the Emergence of the Enterprise Data Hub Eli Collins, Chief Technologist ©2014 Cloudera, Inc. All rights reserved.

1 1 Apache Hadoop and the Emergence of the Enterprise Data Hub Eli Collins, Chief Technologist ©2014 Cloudera, Inc. All rights reserved.
Real-Time Big Data Use Cases John Leach CTO, Splice Machine.

Real-Time Big Data Use Cases John Leach CTO, Splice Machine.
Securing Big Data KAIZEN APPROACH, INC.. Big Data Defined Big data is where the data volume, acquisition velocity, or data representation limits the ability.

Securing Big Data KAIZEN APPROACH, INC.. Big Data Defined Big data is where the data volume, acquisition velocity, or data representation limits the ability.
Big Data Management and Analytics Introduction Spring 2015 Dr. Latifur Khan 1.

Big Data Management and Analytics Introduction Spring 2015 Dr. Latifur Khan 1.
FAST FORWARD WITH MICROSOFT BIG DATA Vinoo Srinivas M Solutions Specialist Windows Azure (Hadoop, HPC, Media)

FAST FORWARD WITH MICROSOFT BIG DATA Vinoo Srinivas M Solutions Specialist Windows Azure (Hadoop, HPC, Media)
Jennifer Widom NoSQL Systems Overview (as of November 2011 )

Jennifer Widom NoSQL Systems Overview (as of November 2011 )
© 2009 VMware Inc. All rights reserved Big Data’s Virtualization Journey Andrew Yu Sr. Director, Big Data R&D VMware.

© 2009 VMware Inc. All rights reserved Big Data’s Virtualization Journey Andrew Yu Sr. Director, Big Data R&D VMware.
14 - 1 Chapter 14 The Second Component: The Database.

Chapter 14 The Second Component: The Database.
Mihai Pintea. 2 Agenda Hadoop and MongoDB DataDirect driver What is Big Data.

Mihai Pintea. 2 Agenda Hadoop and MongoDB DataDirect driver What is Big Data.
Architecting for the Internet of Things

Architecting for the Internet of Things
NoSQL and NewSQL Justin DeBrabant CIS 570 - Advanced Systems - Fall 2013.

NoSQL and NewSQL Justin DeBrabant CIS Advanced Systems - Fall 2013.
Fraud Detection in Banking using Big Data By Madhu Malapaka For ISACA, Hyderabad Chapter Date: 14 th Dec 2014 Wilshire Software.

Fraud Detection in Banking using Big Data By Madhu Malapaka For ISACA, Hyderabad Chapter Date: 14 th Dec 2014 Wilshire Software.
Big Data, Data Warehouses, and Business Intelligence Systems Chapter Eight DAVID M. KROENKE and DAVID J. AUER DATABASE CONCEPTS, 7 th Edition.

Big Data, Data Warehouses, and Business Intelligence Systems Chapter Eight DAVID M. KROENKE and DAVID J. AUER DATABASE CONCEPTS, 7 th Edition.
Introduction to Building a BI Solution 권오주 OLAPForum www.olapforum.com.

Introduction to Building a BI Solution 권오주 OLAPForum
CS 405G: Introduction to Database Systems 24 NoSQL Reuse some slides of Jennifer Widom Chen Qian University of Kentucky.

CS 405G: Introduction to Database Systems 24 NoSQL Reuse some slides of Jennifer Widom Chen Qian University of Kentucky.
Securing Databases in the Cloud Steven C. Markey, MSIS, PMP, CISSP, CIPP, CISM, CISA, STS-EV, CCSK, CompTIA Cloud Essentials Principal, nControl, LLC Adjunct.

Securing Databases in the Cloud Steven C. Markey, MSIS, PMP, CISSP, CIPP, CISM, CISA, STS-EV, CCSK, CompTIA Cloud Essentials Principal, nControl, LLC Adjunct.
David Besemer, CTO On Demand Data Integration with Data Virtualization.

David Besemer, CTO On Demand Data Integration with Data Virtualization.
Business Intelligence: The Next Big Thing (Really!) John Bair CTO, Ajilitee Sep 14, 2012 Presented to TDWI St. Louis Chapter.

Business Intelligence: The Next Big Thing (Really!) John Bair CTO, Ajilitee Sep 14, 2012 Presented to TDWI St. Louis Chapter.
Hive: A data warehouse on Hadoop Based on Facebook Team’s paperon Facebook Team’s paper 8/18/20151.

Hive: A data warehouse on Hadoop Based on Facebook Team’s paperon Facebook Team’s paper 8/18/20151.

Similar presentations

Ads by Google