AccountableMR: Toward accountable MapReduce systems

Traditional security techniques (e.g., authorization and encryption) have been extensively used in data management systems to provide security and privacy for many years. However, recent security breaches (e.g., WikiLeaks) showed that even if perfect access control is achieved, malicious insiders can still infer sensitive information and can misuse this sensitive information. To address this issue, accountability is introduced to deter inappropriate use of data through provision of usage control, privacy-aware interfaces, and careful monitoring and auditing. In this paper, we propose an accountable MapReduce architecture, where specific data usage is allowed after fine-grained transparent authorizations (i.e., individual record level), and such data usage are subject to effective accountability assessments by those who seek to assure privacy and security policy compliance. Our architecture enhances the MapReduce systems with the purpose concept (i.e., usage restrictions), authorize the users in fine-grained manner, and verifies the output of previously run jobs at post authorization time for detecting authorization and purpose breaches. Our empirical results show that in combination with traditional security features, AccountableMR can efficiently enhance the security and accountability of MapReduce model.