Privacy Issues In The Social Media Cloud

Published Date: 02 Nov 2017

With the world becoming one large social network through the use of the Internet and several Terra-bytes of personal information in numerous different forms being uploaded every day, security is fast becoming the biggest concern. Intensive research is being conducted in the fields of Cryptology and Encryption. Recently, many of the popular social networking sites have shown their security weaknesses with millions of users’ personal data being compromised. Companies that store 'Big Data' for analysis have a lot of sensitive data. With the increasing need for better security and privacy measures, it is only natural that research relating to these fields is on the rise. This paper is a literature survey of the concept of Big Data and its relevance in security systems.

Keywords: security, privacy, cloud, big data, literature survey

Introduction

In this survey, 4 papers have been dissected and compared. They are research reports from a few of the best security companies in the world. Varonis®'s ''Big Data and Infosecurity: Research Report''[2] contains information about a survey conducted at Infosecurity Europe 2012, RSA's ''Getting Real About Security Management and 'Big Data' – A roadmap for 'Big Data' in Security Analytics''[4] is a thorough report on how to get the most out of 'Big Data', Aveska's white paper ''Ensuring 'Big Data' Security with Identity and Access Management''[5] describes the companies IAM approach to Big Data and Securosis's ''Securing Big Data: Security Recommendations for Hadoop and NoSQL Environments''[6] is a very detailed report on the issues in architectural and operational security relating to Big Data. A 2013 IEEE paper on "Big Data Privacy Issues in Public Social Media"[2]talks about privacy issues in social media.

Big Data: What is it?

Big Data is often described as data with ''Volume, Velocity and Variety.'' Securosis[6] says that Big Data is, ''In a nutshell: big, cheap, and easy data management'', but that doesn't quite cover it. Aveska[5] calls it the ''large, complex and varied sets of information that organizations are collecting today, and which require new and innovative technologies to analyze, process, and understand.'' Big Data does not come from a single source and cannot be stored in a single format.

Source: Aveska[5]

Privacy Issues in the Social Media Cloud

Cryptography has always been a very important field in Computer Science, and it is especially relevant now, with the advent of social networking sites on the Internet. These sites collect a lot of information from the users, which is stored using the cloud. This data cannot be stored in a typical relational database and tends to be rather unstructured. Big Data is the name given to these datasets that are "so large that they can no longer be handled effectively or even completely "[3]

There are three main issues with privacy and security in social media sites on the Internet.

While most social networks allow us to control who views our information, we do not know how the controller of our information is using it - the collected data is often used for business and market analytics. With the users of these social networking sites becoming increasingly aware, it has become very important for us to take privacy and security concerns seriously.

In the paper "Big Data Privacy Issues in Public Social Media"[1], the authors discuss another security concern: Controlling and governing access and sharing of personal data that someone other than the owner of the data posts online. Everyone has a smartphone today, and they constantly share information that violates the privacy of others. The paper also suggests a remedy to this problem using geo-tagging.

Thirdly, and most importantly, we need to avoid the leakage of the vast amounts of data that we share, post and store on these sites. Many of the leading social networking sites have fallen victim to hackers who have stolen private information pertaining to millions of users, in spite of the data being encrypted.

The common principles of privacy include restrictions like limited ‘use, disclosure and retention’ of personal data, and keeping the users informed about what they’re using their personal data for, and getting their consent to use it in this manner.

Big Data: How is it related to security?

Enterprises that store Big Data have a lot to worry about. The data is usually rather confidential. The effect if this information leaks would be disastrous.

RSA[4] states that ''Big Data does not equate simply to 'lots of data.' It demands significantly more intelligent analytics to sot security threats early on, with the infrastructure to collect and process data at scale.'' In the survey conducted by Varonis[2], it was found that the main uses of Big Data in Security were to: ''find at risk sensitive data, identify possible malicious activity ad find users with excessive access rights.'' Aveska[5]'s white paper says that ''organizations need a modern, scalable and comprehensive IAM platform.'' We can infer that these companies are well aware of the benefits offered by Big Data analytics. By storing logging information and other such real-time data, we are moving towards a tomorrow with better security solutions.

Securosis identifies the main architectural issues as follows:

The distribution of the nodes across various systems

Data that has been ‘sharded’ across various systems

Access to the stored data

Communication between the distributed nodes

NoSecurity during implementation [6]

It identifies the main operational security issues as follows:

Lack of protection for the static data which is at rest in a system

The unlimited access given to the administrators

Lack of authentication for access to applications, except for passwords [6]

''An efficient Big Data System''

Source: RSA[4]

Conclusion and Future Work

All these papers agree that improved, scalable infrastructures and Identity and Access Management (IAM) are two ways to successfully impose security on Big Data. Also, there is an urgent need for a security algorithm that can work across multiple nodes and formats for Big Data, which keeps moving around. IBM predicts that the three areas of interest in Big Data should be the increasing volume of data, mining this data or analyzing it and privacy. [7] Along with cloud computing, Big Data has become one of the must-implement technologies of today.