Showing papers by "Eduardo Fernández-Medina published in 2019"

Secure Development of Big Data Ecosystems

Abstract: A Big Data environment is a powerful and complex ecosystem that helps companies extract important information from data to make the best business and strategic decisions. In this context, due to the quantity, variety, and sensitivity of the data managed by these systems, as well as the heterogeneity of the technologies involved, privacy and security especially become crucial issues. However, ensuring these concerns in Big Data environments is not a trivial issue, and it cannot be treated from a partial or isolated perspective. It must be carried out through a holistic approach, starting from the definition of requirements and policies, and being present in any relevant activity of its development and deployment. Therefore, in this paper, we propose a methodological approach for integrating security and privacy in Big Data development based on main standards and common practices. In this way, we have defined a development process for this kind of ecosystems that considers not only security in all the phases of the process but also the inherent characteristics of Big Data. We describe this process through a set of phases that covers all the relevant stages of the development of Big Data environments, which are supported by a customized security reference architecture (SRA) that defines the main components of this kind of systems along with the key concepts of security.

BlockBD: a security pattern to incorporate blockchain in big data ecosystems

Abstract: Big Data is changing the perspective on how to obtain valuable information from data stored by organizations of all kinds. By using these insights, companies can make better decisions and thus achieve their business goals. However, each new technology can create new security problems, and Big Data is no exception. One of the major security issues in a Big Data ecosystem is what level of trust in data and data sources stakeholders can have: without reliable data, the results of data analysis lose value. In this paper, we propose a security pattern to improve traceability and veracity of data through the use of Blockchain technologies. In this pattern, Blockchain will be used as a distributed ledger where all operations performed on the data will be registered. Therefore, the veracity of the data will increase, as will the confidence in the insights obtained from the analysis. The purpose of this paper is to help Chief Security Officer and Big Data architects incorporate this mechanism to improve the security of their environment.