Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Improving the Security of Big Data Systems

Verified

Added on 2019/11/20

AI Summary

The report discusses the threats and vulnerabilities associated with the use of big data technologies. The identified threat agents include internal staffs, contractors, operational staffs, national states, script kiddies, and social hackers. These agents can cause grave impacts on an organization's security, with risk probabilities ranging from low to high. To improve security, the report suggests implementing various technologies such as cryptography, encryption keys, better security services, infrastructure, and monitoring of traffic. Additionally, addressing skill shortages through training and education is crucial. The current infrastructure lacks the necessary improvements, resulting in gaps such as data protection vulnerability, lack of computing infrastructure, and inadequate standards.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: BIG DATA SECURITY
Big data security
Name of the student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1BIG DATA SECURITY
Executive summary
The following report discusses about the threats associated with the big data securities. The
chosen organization is the European Union Agency for Network and Information Security
(ENISA). The report also includes a layout of the security architecture of the ENISA. The report
further discusses about the top threats and the threat agents associated with the organization. In
addition, the report also discusses about the present architecture of the concerned organization as
well as the processes that should be implemented it to provide better security benefits and
enhanced features.

2BIG DATA SECURITY
Table of Contents
Introduction:....................................................................................................................................3
Discussion:.......................................................................................................................................3
Overview of the case study:.........................................................................................................4
Threats:........................................................................................................................................6
Threat agents, impacts and threat probability:.............................................................................8
Improvements:...........................................................................................................................10
Current infrastructure:...............................................................................................................12
Conclusion:....................................................................................................................................12
References:....................................................................................................................................14

3BIG DATA SECURITY
Introduction:
The Term big data is used to denote the pictorial representations of the algorithms,
system technologies designated and the collection of large amounts of data, which leads to the
collection of these data using technologies of advanced analysis and parallel computation. The
sources used in the collection of these big data associated includes the distributed multimedia
sensors, communication devices, internet based applications and distributed business process.
Due to the modernization of technologies, the various processes associated with big data are
reaching a stage where the widespread adoption and development is achieved.
The following report discusses about the threats associated with the big data securities.
The chosen organization is the European Union Agency for Network and Information Security
(ENISA). The report also includes a layout of the security architecture of the ENISA. The report
further discusses about the top threats and the threat agents associated with the organization. In
addition, the report also discusses about the present architecture of the concerned organization as
well as the processes that should be implemented it to provide better security benefits and
enhanced features.
Discussion:
The European Union Agency for Network and Information Security (ENISA) is a centre
currently involved in the information and network security associated with the European Union,
private sector, states and the citizens of Europe. ENISA works to communicate the problems
associated with the security among these provincial estates. It also helps the European Union
states to develop the security legislation required to implement the network related and

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4BIG DATA SECURITY
infrastructure related securities. ENISA also supports the development of cross-border
communications by improving the security.
Overview of the case study:
In the report pertaining to the provided case study, ENISA discusses about the various
threats related to the threats in the big data technology. In recent years, big data got much
success in implementation by the businesses. It is supposed to be included in nearly all the
aspects of businesses. The European Commission acknowledged the impact of big data in the
economy of a data included sector (Big Data Threat Landscape and Good Practice Guide, 2016).
The estimated growth of the personal data is expected to grow to €1 trillion by 2020. The big
data technologies are also used in aspects of science and communications to help the sector
achieve tremendous growth. In addition, the military aspects of a nation also utilize the use of big
data technology to help achieve successful information.
Due to the large-scale adoption of the big data technologies in all aspects of the
businesses, the threats and risks associated with this is also increasing. The unethical attackers
are targeting the concerned companies or organizations due to their constant use of the big data
technologies. Due to this increasing concentration of the attacks, the company remains to
undisclose the source and the impact of the attack, which is still the reason for widespread
negligence relating to unavailability of the required information. This report is concerned with
the threat assessment structure followed by the ENISA. The main purpose is to provide the threat
assessment depending on the specifics of the technology concerned.
The regulations of the ENISA legislature aims to deepen the research based on the
emerging technologies of the big data and the threats or risks associated with the cyber security
on these applications (John Walker, 2014). The main discussion of the regulations is to identify

5BIG DATA SECURITY
the current threats in the aspects of the cyber security and to apply the solutions in the
technologies of big data. This will help mitigate the risks and threats involved.
The scope of the ENISA is to identify the risks and threats associated with the European
Union and the other aspects. There is presence of many emerging technologies and the main
scope of ENISA is to provide a detailed risk management methods. The main audience for the
ENISA legislature is the big data providers and the aspects who want to adopt the big data
technologies in their existing infrastructure.

6BIG DATA SECURITY
Fig: Security infrastructure
(Source: Created by the author)
Threats:
This section of the report discusses about the various threats identified by ENISA. These
threats are to be addressed so that the mitigation in the most significant time is possible. In case
of failure to these risks or threats can lead to disastrous threats including the loss of business in a
major way. The threats and risk associated is divided into two different types, the big data leak
and the big data breach. In case of the leak of big data, the information is not stolen but is
disclosed (John Walker, 2014). However, the big data breach defines the unethical stealing of
information in an attempt to get insights from the affected organization.
The unintentional damage or loss of information is one threat that is of concern. These
groups of threats involved do not deliberately pose risks but the use of certain information can
lead to negligence in operation, which can turn to information loss. The first threat under this
group is the human error. This aspect is usually of high risk because of the presence of human
errors. The threats present due to this are not a deliberate attack and rather accidental.
Misconfiguration in the used system and poor skills of work are the most common cause of
human errors. Another threat in this category is the presence of less secure APIs. As the big data
systems are made using web technologies, the presence of unsafe APIs can lead to threats in the
system involved (Lohr, 2012). The last threat identified in this group is the inadequate design
methodologies used. The presence of new technologies is constantly being updated to the process
of big data. The implementations are not always secure and the presence of threats is always
evident.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7BIG DATA SECURITY
The next group is the interception of information by the use of eavesdropping or
hijacking. This is an unethical way to get resources without the knowledge of the affected user.
The next and the most significant threat is the nefarious activities or abuse. These threats
involves the damage or changes in the infrastructure of the affected user. The use of special
abilities or software is usually used to achieve this level of unethical use. The first threat is the
identity fraud. This is occurred due to the use of big data technologies to store the personal
information of the customers involved. The use of tools to affect the console of the stored
information corresponds to granting of immediate access to the user information. This is a very
important reason for the need of security enhancements in the area of big data applications or the
closing of business is evident due to lack of customer trust. The next threat in this group is the
distributed denial of service (DDOS) attacks (Lohr, 2012). These threats exploit the
vulnerabilities in the system and make the unavailability of a core module from the system.
These threats are to be addressed, as the presence of special modules in the system is required to
fight these activities. The next threat is the use of software to gain entry into the system. The use
of infecting software to inject codes or viruses and malware to get the desired information is the
main scope of using these attacks. The next threats are the misuse of the auditing tools as the
need for administrator access is important to get access. Attacks in these aspects can lead to
grave dangers.
In addition, many threats are also included like the legal threats arising due to the
violation in the regulatory laws and the organizational threats present due to the presence of skill
shortage.
Among the threats discussed, the nefarious activities are the most significant as these
threats are usually caused with an attempt to not only get information but also cause grave

8BIG DATA SECURITY
difficulties in business. These threats can lead to major disastrous activities and can lead to
problems associated with the business.
Threat agents, impacts and threat probability:
The threat agents are those people who are associated with the development of a threat in
the system. They are also sometimes associated with past threats and they are grouped under
categories to identify them easily. The first agent is the other corporations who are responsible
for the main competition in the market. Depending on their size and their hold in the market,
they can pose many threats to the concerned corporation (Lohr, 2012). The probability of threat
is usually very high as a company is always dedicated to their improvement and this creates the
need to deform the competitors.
The next group of the attackers is the cyber terrorists and the cyber criminals. The
criminals are usually in this aspect due to their target in financial gain from the corporation
concerned. They are mainly categorized in a local or national level and sometimes international.
However, the cyber terrorists are those individual who are concerned with the changes in the
society and adopt unethical means (Chen, Chiang & Storey, 2012). Their intentions can be
political or religious and their preferred targets are the health services or resource productions as
their failure can lead to grave impacts. Their risk probability is very high.
The next agents are the script kiddies who use the programs or software made from
others to make deformities in the system. Their impacts are not much as a large company is not
impacted by small and petty individuals. Their threat probability is low.
The next agents are the social hackers who use the internet to drive context against the
organizations. They are very dangerous as internet can be used to deform the public image of the

9BIG DATA SECURITY
concerned organization. Due to the presence of good customer services in nearly all
organizations, the threat probability is medium.
The staffs, contractors and the operational staffs are also a threat agents as they have
inside information relating to the company and can lead to problems in case of emotional
instabilities.
The last threat agents are the national states as the use of cyber weapons can be used by
them without notifying the concerned corporation. Their threat probability is medium, as this
does not occur constantly. The threat probabilities in cases of the identified threats are listed
below.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10BIG DATA SECURITY
Fig: Threat probability of the agents
(Source: Big Data Threat Landscape and Good Practice Guide, 2016)
Improvements:
The improvements in the architecture include adoption of many technologies in the
system to help facilitate the enhancement in the security. The different governing bodies like the
COBIT 5 or the ISO made technical reports regarding the suggested improvements to be applied
in the infrastructure. As the big data technologies involve the use of constant data retrieval from

11BIG DATA SECURITY
various aspects, the need for increased security is important (Big Data Threat Landscape and
Good Practice Guide, 2016). The various threats discussed in the report can be improved by
applying the proposed improvements.
Information leakage due to human errors can be improved by the application of
cryptography in the process. This facilitates the entry to the system to registered users only. In
addition, the use of encryption keys is also suggested for enhancing the security of the system.
The leaks of data in web application and the inadequate designs also implement the use of
cryptography to increase the level of protection in the system (Chen, Chiang & Storey, 2012).
Along with this, the use of better security services and infrastructure is required to improve the
system.
In cases of the eavesdropping and hijacking threat, the use of cryptography along with the
network security management is used to enhance the threat in this section.
In the case of nefarious activities like the identity fraud, information classification is
applied where the information will be given a layer of security like that provided in the private
cloud. The DDOS attacks can be counter measured by the use of reverse techniques to fight
them. Monitoring of traffic, rate limiting, ingress filtering are the common practices to protect a
system from DDOS attacks. In addition, the malicious software use can be improved by
improving awareness where the use of security features is to be implemented by the users and the
customers.
The legal threats involve the usage of information on all the branches of the business.
This creates a problem, which can be mitigated by data residency where the data pertaining to an
area is not reflected manually in the other regions. This helps in doing business according to the

12BIG DATA SECURITY
area criteria. In addition, the skill shortage is to be addressed by better training and education
along with the awareness in information security.
Current infrastructure:
The current infrastructure is not up to the level needed for the improvements in the
security level. This creates the presence of gaps in the system. The first gap present in the system
is the data protection vulnerability. As big data is involved with the use of data mining, security
is also to be referenced in that aspect as well (Big Data Threat Landscape and Good Practice
Guide, 2016). The use of well-integrated software and hardware is to be used to address these
vulnerabilities.
The next gap is cryptography as the use of it adds negative aspects to the performance of
the system. The scalability of the system is also affected by the use of it as it adds a complex
nature to the system.
The last gap is the lack of computing infrastructure as the big data vendors uses different
versions and are not security efficient to the level needed. The lack of standards is another aspect
faced by this gap.
Conclusion:
Thus, it is concluded from the report that the use of big data is a great choice for the
implementation of the services as required. The sources used in the collection of these big data
associated includes the distributed multimedia sensors, communication devices, internet based
applications and distributed business process. These sources are thus required to do business in a
systematic process. However, the problems faced from the use of big data are also very grave. In
case of any problem faced, the unethical use related to the use of big data can lead to disastrous

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13BIG DATA SECURITY
effects. This security related features are to be enhanced so that the use of such technologies can
be continued without the emergence of any problems.

14BIG DATA SECURITY
References:
Big Data Threat Landscape and Good Practice Guide. (2016). Retrieved from http://Big%20Data
%20Threat%20Landscape.pdf
Boyd, D., & Crawford, K. (2012). Critical questions for big data: Provocations for a cultural,
technological, and scholarly phenomenon. Information, communication & society, 15(5),
662-679.
Chen, H., Chiang, R. H., & Storey, V. C. (2012). Business intelligence and analytics: From big
data to big impact. MIS quarterly, 36(4).
Dumbill, E. (2013). Making sense of big data.
Gantz, J., & Reinsel, D. (2012). The digital universe in 2020: Big data, bigger digital shadows,
and biggest growth in the far east. IDC iView: IDC Analyze the future, 2007(2012), 1-16.
John Walker, S. (2014). Big data: A revolution that will transform how we live, work, and think.
Labrinidis, A., & Jagadish, H. V. (2012). Challenges and opportunities with big
data. Proceedings of the VLDB Endowment, 5(12), 2032-2033.
Lazer, D., Kennedy, R., King, G., & Vespignani, A. (2014). The parable of Google Flu: traps in
big data analysis. Science, 343(6176), 1203-1205.
Lohr, S. (2012). The age of big data. New York Times, 11(2012).
Marx, V. (2013). Biology: The big challenges of big data. Nature, 498(7453), 255-260.
Marz, N., & Warren, J. (2015). Big Data: Principles and best practices of scalable realtime data
systems. Manning Publications Co..
McAfee, A., Brynjolfsson, E., & Davenport, T. H. (2012). Big data: the management
revolution. Harvard business review, 90(10), 60-68.

15BIG DATA SECURITY
Murdoch, T. B., & Detsky, A. S. (2013). The inevitable application of big data to health
care. Jama, 309(13), 1351-1352.
Provost, F., & Fawcett, T. (2013). Data science and its relationship to big data and data-driven
decision making. Big Data, 1(1), 51-59.
Swan, M. (2013). The quantified self: Fundamental disruption in big data science and biological
discovery. Big Data, 1(2), 85-99.
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE transactions
on knowledge and data engineering, 26(1), 97-107.

1 out of 16

+13062052269

info@desklib.com

Improving the Security of Big Data Systems

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Cybersecurity & Data Protection in Industry 4.0

Improving ENISA Big Data Security Threat Detection and Prevention

Top Threats in ENISA: Cybersecurity Risks and Mitigation Strategies

Optimizing Database Storage: A Study on Big Data Integration

Enhancing Network and Information Security (NIS) through Secure APIs

Big Data and Information Security Risks