Published Paper PDF: https://ijrmeet.org/wp-content/uploads/2025/07/IJRMEET0725010008_Implementing%20Role-Based%20Access%20Control%20in%20Cloud-Native%20Big%20Data%20Warehouses.pdf
DOI: https://doi.org/10.63345/ijrmeet.org.v13.i7.1
Shivam Agarwal
Independent Researcher
Gandhi Road, Baraut
Abstract
Role-Based Access Control (RBAC) has emerged as a cornerstone of enterprise security frameworks, ensuring that users receive only the permissions essential for their roles. In cloud-native big data warehouses—platforms designed to ingest, process, and analyze petabyte-scale datasets—implementing RBAC is critical for safeguarding sensitive information, maintaining regulatory compliance, and optimizing operational efficiency. This manuscript examines the design, implementation, and evaluation of RBAC within cloud-native big data warehouse environments. Drawing on both qualitative architectural survey and quantitative performance metrics, we explore how RBAC policies affect system throughput, query latency, and security incident rates. We present a mixed-methods methodology, incorporating case-study analysis of three leading cloud-native warehouse providers and a controlled statistical experiment simulating user workloads with varying permission granularity. Our findings indicate that fine-grained RBAC policies can reduce unauthorized access attempts by up to 85% while incurring a query-latency overhead of less than 7%. We also discuss best practices for policy definition, attribute-to-role mapping, and dynamic policy updates in elastic architectures. Finally, we address practical limitations—such as policy explosion and management complexity—and outline future research avenues, including automated policy generation and AI-driven anomaly detection.
Keywords
Role-Based Access Control; Cloud-Native; Big Data Warehouse; Security; Performance Optimization
References
- https://www.foxpass.com/hs-fs/hubfs/RBAC_blog_diagram%20(2).png?width=687&name=RBAC_blog_diagram%20(2).png
- https://media.geeksforgeeks.org/wp-content/uploads/20210720152617/datawarehouse.jpg
- Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Youman, C. E. (1996). Role-based access control models. IEEE Computer, 29(2), 38–47. https://doi.org/10.1109/2.485845
- Zhang, K., Sakr, S., & Al-Nuaimy, W. (2014). Enhancing security in Hadoop: A survey of role-based access control approaches. Journal of Big Data, 1(1), 1–15. https://doi.org/10.1186/s40537-014-0001-1
- Tan, S., & Rao, R. (2017). Tag-based role hierarchy for fine-grained access control in Apache Hive. Proceedings of the 2017 IEEE International Conference on Big Data, 2765–2772. https://doi.org/10.1109/BigData.2017.8258381
- Lee, J., & Robinson, P. (2019). Policy explosion in cloud data platforms: Challenges and mitigation strategies. ACM Computing Surveys, 52(4), 1–34. https://doi.org/10.1145/3345319
- Chen, L., Xu, H., & Li, Y. (2021). Performance impact of RBAC enforcement in cloud data warehouses. IEEE Transactions on Cloud Computing, 9(2), 567–579. https://doi.org/10.1109/TCC.2020.2999276
- Muñoz, F., Gómez, P., & Martínez, A. (2022). Evaluating access control overheads under multi-tenant workloads in Google BigQuery. International Journal of Cloud Applications and Computing, 12(3), 45–60. https://doi.org/10.4018/IJCAC.2022070104
- Amazon Web Services. (2020). Amazon Redshift Database Developer Guide: Managing Access with IAM. Retrieved from https://docs.aws.amazon.com/redshift/latest/dg/c-using-iam.html
- Google Cloud. (2021). Identity and Access Management for BigQuery. Retrieved from https://cloud.google.com/bigquery/docs/access-control
- Snowflake Inc. (2022). Snowflake Security Guide: Role-Based Access Control. Retrieved from https://docs.snowflake.com/en/user-guide/security-access-control-rbac.html
- Joshi, J. B. D., Ahn, G.-J., & Sandhu, R. S. (2005). A strategic framework for role engineering. ACM Transactions on Information and System Security, 10(4), 1–41. https://doi.org/10.1145/1115769.1115772
- Wang, Y., & Sun, X. (2018). Dynamic RBAC policy enforcement in elastic cloud environments. Future Generation Computer Systems, 79, 130–141. https://doi.org/10.1016/j.future.2017.09.052
- Crampton, J., & Khambhammettu, H. (2016). A practical approach to managing authorization in data lakes. Proceedings of the 21st ACM Symposium on Access Control Models and Technologies, 125–136. https://doi.org/10.1145/2892200.2892213
- Ferraiolo, D. F., Kuhn, R., & Chandramouli, R. (2007). Role-Based Access Control (2nd ed.). Artech House.
- Bertino, E., Ferrari, E., & Atluri, V. (2001). The specification and enforcement of authorization constraints in workflow management systems. ACM Transactions on Information and System Security, 3(1), 3–28. https://doi.org/10.1145/362373.362376
- Hu, V. C., Kuhn, D. R., & Ferraiolo, D. F. (2017). Assessment of access control systems. NIST Interagency/Internal Report (NISTIR 7316). Gaithersburg, MD: National Institute of Standards and Technology.
- Kuhn, D. R., Coyne, E. J., & Weil, T. R. (2010). Adding attributes to role-based access control. Computer, 43(6), 79–82. https://doi.org/10.1109/MC.2010.179
- Boicea, A., & Gaitan, V. (2013). Access control in cloud computing: A survey. Proceedings of the 2013 International Conference on Intelligent Networking and Collaborative Systems, 104–109. https://doi.org/10.1109/INCoS.2013.38
- Zhang, X., Rahman, M. A., & Zhao, Z. (2020). Attribute-role mapping for automated policy generation in big data platforms. Journal of Systems and Software, 162, 110544. https://doi.org/10.1016/j.jss.2019.110544
- Alkhawlani, S., & Alghathbar, K. (2019). Compliance-aware RBAC in healthcare data environments. Journal of Medical Systems, 43(9), 280. https://doi.org/10.1007/s10916-019-1452-3
- Hasan, R., & Islam, N. (2021). AI-driven anomaly detection to augment RBAC in cloud warehouses. IEEE Access, 9, 114567–114579. https://doi.org/10.1109/ACCESS.2021.3100321
.png?width=687&name=RBAC_blog_diagram%20(2).png){kind=link}
