Enhancing Big Data Security through Comprehensive Data Protection Measures: A Focus on Securing Data at Rest and In-Transit
DOI:
https://doi.org/10.47941/ijce.1920Keywords:
Big Data Security, Data Protection, Secure Data Transfer, Data at Rest, Data in TransitAbstract
Purpose: This research paper aims to enhance Big Data security by implementing comprehensive data protection measures, focusing on securing data at rest and in transit. In the era of Big Data, organizations handle vast quantities of data characterized by high velocity, volume, and variety, which complicates management and increases security risks.
Methodology: The study examines various data protection strategies, including encryption, access control, data masking, immutable storage, tokenization, and physical security for data at rest. For data in transit, it explores encryption protocols, secure transfer methods like SSH and TLS, VPNs, Zero Trust architecture, and secure APIs. These methods are crucial for safeguarding sensitive information and preventing unauthorized access.
Findings: The findings highlight common security challenges in Big Data, such as data breaches, unauthorized access, and integrity issues. The study emphasizes the need for robust protection measures and offers a comprehensive view of the data security landscape. Implementing these strategies helps organizations safeguard sensitive information and ensure compliance with international data protection regulations, enhancing their overall security posture.
Unique contribution to theory policy and practice: This paper contributes to theory, policy, and practice by advocating comprehensive data protection strategies. It stresses the importance of continuous monitoring and regulatory compliance, providing practical insights into best practices and technologies that protect Big Data. The research supports developing robust data protection policies and practices, advancing knowledge in Big Data security.
Downloads
References
Intetics, "Big Data: Security Issues and Challenges," Intetics Blog, Apr. 2023. [Online]. Available: https://intetics.com/blog/big-data-security-issues-and-challenges/
Cprime, "Big Data Security: Biggest Challenges and Best Practices," Cprime. [Online]. Available: https://www.cprime.com/
Sertainty, "Understanding the Challenges and Solutions of Big Data Security," Sertainty. [Online]. Available: https://www.sertainty.com/
New Softwares, "Big Data Explained: Security Challenges and Solutions in Presentations," New Softwares. [Online]. Available: https://www.newsoftwares.net/
M. Devs, "Big Data Security: Best Practices," Mad Devs Blog, Sep. 2023. [Online]. Available: https://maddevs.io/blog/big-data-security-best-practices/
A. Coos, "How to Protect Your Data at Rest," Endpoint Protector, June 2021. [Online]. Available: https://www.endpointprotector.com/
N. Lord, "Data Protection: Data In Transit vs. Data At Rest," Digital Guardian Blog, May 2023. [Online]. Available: https://www.digitalguardian.com/blog/data-protection-data-in-transit-vs-data-at-rest/
Teradata, "Data Security: Data At Rest," Teradata Insights. [Online]. Available: https://www.teradata.com/insights/data-security/data-at-rest
C. Brook, "Data In Transit & How to Protect It," Digital Guardian, July 2023. [Online]. Available: https://www.digitalguardian.com/blog/data-in-transit-and-how-to-protect-it
TitanFile, "Securing Data in Transit With Encryption: The Ultimate Guide," TitanFile Blog. [Online]. Available: https://www.titanfile.com/blog/data-in-transit-encryption/
Cloudian, "Data Protection Policy: Key Elements to Include and 3 Best Practices," Cloudian. [Online]. Available: https://cloudian.com/
Perisai Cybersecurity, "Essential Data Protection Measures for Security," LinkedIn, [Online]. Available: https://www.linkedin.com/pulse/essential-data-protection-measures-security-perisai-cybersecurity-ua7qc/
S. Nayak and B. Lal, "Implementing a comprehensive information protection strategy," Tata Consultancy Services. [Online]. Available: https://www.tcs.com/
SurveyCTO, "A Comprehensive Approach to Data Security Management," SurveyCTO. [Online]. Available: https://www.surveycto.com/resources/guides/data-security-guide/
Flexential, "How to Build & Maintain Data Security Strategy," Flexential. [Online]. Available: https://www.flexential.com/
N. Chaudhari, "A Cloud Security Approach for Data at Rest Using FPE," IJCCSA, vol. 5, pp. 11-16, 2015.
S. Chaudhari, A. Thakur, and A. Rajan, "Securing Digital Information Using Cryptography Techniques to Enhance IT Security," Research Reports on Computer Science, 2023.
Photopoulos, "Data Security Policy," 2008.
K. Bajaj, "Promoting Data Protection Standards through Contracts: The Case of the Data Security Council of India," Review of Policy Research, vol. 29, pp. 131-139, 2012.
U. T. Mattsson, "Securing Data Beyond PCI in a SOA Environment: Best Practices for Advanced Data Protection," 2008.
K. Nandakumar et al., "Securing data in transit using data-in-transit defender architecture for cloud communication," Soft Computing, vol. 25, pp. 12343-12356, 2021.
W. Stallings, Cryptography and Network Security: Principles and Practice, 7th ed. Pearson Education, 2017.
F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramouli, "Proposed NIST standard for role-based access control," ACM Transactions on Information and System Security (TISSEC), vol. 4, no. 3, pp. 224-274, 2001.
C. Clifton and T. Tassa, "Dynamic data masking: Maintaining the utility of data while ensuring privacy," Proceedings of the 2008 ACM SIGMOD International Conference on Management of Data, pp. 837-848, 2008.
A. Haq, "Immutable storage: Ensuring data integrity in the cloud," IEEE Cloud Computing, vol. 5, no. 2, pp. 76-80, 2018.
J. Zhou, D. P. Pezaros, and M. M. Theoharidou, "Tokenization as a service: A case study of PCI DSS compliance," Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1217-1228, 2014.
National Institute of Standards and Technology (NIST), "Security and Privacy Controls for Information Systems and Organizations," NIST Special Publication 800-53 Rev. 5, Apr. 2020.
E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.3," RFC 8446, Aug. 2018.
T. Ylonen and C. Lonvick, "The Secure Shell (SSH) Transport Layer Protocol," RFC 4253, Jan. 2006.
S. Kent and R. Atkinson, "Security architecture for the internet protocol," RFC 2401, Nov. 1998.
J. Kindervag, Zero Trust Networks: Building Secure Systems in Untrusted Networks, O’Reilly Media, 2019.
P. C. Zikopoulos and C. Eaton, *Understanding Big Data: Analytics for Enterprise Class Hadoop and Streaming Data*. McGraw-Hill Osborne Media, 2011.
B. Marr, *Big Data: Using SMART Big Data, Analytics and Metrics to Make Better Decisions and Improve Performance*. Wiley, 2015.
M. Chen, S. Mao, and Y. Liu, "Big Data: A Survey," *Mobile Networks and Applications*, vol. 19, no. 2, pp. 171-209, 2014.
A. Katal, M. Wazid, and R. H. Goudar, "Big Data: Issues, Challenges, Tools and Good Practices," in *2013 Sixth International Conference on Contemporary Computing (IC3)*, 2013, pp. 404-409.
B. Grobauer, T. Walloschek, and E. Stocker, "Understanding Cloud Computing Vulnerabilities," *IEEE Security & Privacy*, vol. 9, no. 2, pp. 50-57, 2011.
K. Sood, S. E. Sarma, and T. Karygiannis, "Intrusion Detection Framework for Smart Grid," *IEEE Communications Magazine*, vol. 50, no. 5, pp. 102-108, 2012.
S. A. Ahson and M. Ilyas, *Cloud Computing and Software Services: Theory and Techniques*. CRC Press, 2012.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Preyaa Atri
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
