NSA Extends Label-Based Security to Big Data Stores
IDG News Service (09/06/11) Joab Jackson
The U.S. National Security Agency (NSA) recently submitted Accumulo, new label-based data store software, to the Apache Software Foundation, hoping that more parties will continue to develop the technology for use in future secure systems. "We have made much progress in developing this project over the past [three] years and believe both the project and the interested communities would benefit from this work being openly available and having open development," say the NSA developers. Accumulo, which is based on Google's BigTable design, is a key/value data store, in which providing the system with the key will return the data associated with that key. Accumulo also can be run on multiple servers, making it a good candidate for big data systems. The system's defining feature is the ability to tag each data cell with a label, and a section called column visibility that can store the labels. "The access labels in Accumulo do not in themselves provide a complete security solution, but are a mechanism for labeling each piece of data with the authorizations that are necessary to see it," the NSA says. The new label-based storage system could be the basis of other secure data store-based systems, which could be used by healthcare, government agencies, and other parties with strict security and privacy requirements.
IDG News Service (09/06/11) Joab Jackson
The U.S. National Security Agency (NSA) recently submitted Accumulo, new label-based data store software, to the Apache Software Foundation, hoping that more parties will continue to develop the technology for use in future secure systems. "We have made much progress in developing this project over the past [three] years and believe both the project and the interested communities would benefit from this work being openly available and having open development," say the NSA developers. Accumulo, which is based on Google's BigTable design, is a key/value data store, in which providing the system with the key will return the data associated with that key. Accumulo also can be run on multiple servers, making it a good candidate for big data systems. The system's defining feature is the ability to tag each data cell with a label, and a section called column visibility that can store the labels. "The access labels in Accumulo do not in themselves provide a complete security solution, but are a mechanism for labeling each piece of data with the authorizations that are necessary to see it," the NSA says. The new label-based storage system could be the basis of other secure data store-based systems, which could be used by healthcare, government agencies, and other parties with strict security and privacy requirements.
No comments:
Post a Comment