Security and Privacy Aspects in MapReduce on Clouds: A Survey

TL;DR

This survey reviews security and privacy challenges in MapReduce on clouds, discussing threats, requirements, existing protocols, and their overheads to ensure data protection in distributed cloud computations.

Contribution

It provides a comprehensive overview of security and privacy issues in MapReduce on clouds, including challenges, adversarial models, and a review of existing solutions and their overheads.

Findings

Security and privacy are critical in cloud-based MapReduce.

Existing protocols have trade-offs between security and performance.

There is a need for more efficient security solutions in MapReduce.

Abstract

MapReduce is a programming system for distributed processing large-scale data in an efficient and fault tolerant manner on a private, public, or hybrid cloud. MapReduce is extensively used daily around the world as an efficient distributed computation tool for a large class of problems, e.g., search, clustering, log analysis, different types of join operations, matrix multiplication, pattern matching, and analysis of social networks. Security and privacy of data and MapReduce computations are essential concerns when a MapReduce computation is executed in public or hybrid clouds. In order to execute a MapReduce job in public and hybrid clouds, authentication of mappers-reducers, confidentiality of data-computations, integrity of data-computations, and correctness-freshness of the outputs are required. Satisfying these requirements shield the operation from several types of attacks on data and MapReduce computations. In this paper, we investigate and discuss security and privacy challenges and requirements, considering a variety of adversarial capabilities, and characteristics in the scope of MapReduce. We also provide a review of existing security and privacy protocols for MapReduce and discuss their overhead issues.