Access control management as a service for NoSQL big data

Abstract

In this paper we have proposed an architecture of an efficient access control management component in order to enable Access Control Management as a Service (ACMaaS) for NoSQL based database used for Big Data as a service in case of enterprise solutions. In a trivial enterprise solution the security is more sensitive and there are multi-level of access control policies that need to be enforced on a single piece of data or resource. However, this access control is inherently complex when it is a part of Big Data as a service (BDaaS). In order to implement a successful framework for BDaaS, it is mandatory to provide real time and on-demand access control management approach that should take care of user identity, data integration, data sanitation, multi-tenancy, relation between accessing user, application or service and the target resource that is to be accessed, accurate management of policy conflict, dynamic organization of mutually exclusive as well as inclusive policies and service endpoint for flexible integration and configuration. In our proposed work, we have tried to focus on these requirements of a modern Big Data based access control management system. In addition, along with Big Data, NoSQL based database has brought more feature on table, implementing access control management in relation database and NoSQL database are completely different. Therefore, in this paper we have presented a NoSQL based access control management component. The proposed component can be easily integrated with existing BDaaS and can provide services for access control management. The component provides policy specification and generates dynamic policy based on permission and access control rules. Along with attribute, user role, field level access control rule, it also considers relations between data and accessor.