Large data sets may exist in various levels of size and organization. With big data comprising data sets as large as ever, the volume of data collected incident to the increased popularity of online and electronic transactions continues to grow. Billions of rows and hundreds of thousands of columns worth of data may populate a single table, for example. Different users may desire to access different portions of the large volume of data populating the table. However, different portions of the table may have different security restrictions. For instance, some portions may contain personally identifiable information that should have higher security. Portions of the table and/or the entire table may be encrypted at rest. Different users may have different permissions specific to their roles, identities, and the row and/or column of the table desired to be accessed. However, the size and varied structure of big data sets is often incompatible with traditional data protection techniques.
Moreover, once access controls are in place enforcement can be difficult in any data environment. Permissions may change over time. For example, a developer may have access to sensitive information for the duration of a specific project, during which he appropriately makes a copy of the data file in his folder. The developer may later have that permission to access the data removed after completing the project, for example. However, the developer would still have access to the copied file, of which he is the owner, in traditional file systems. Since the developer has inadvertently copied restricted data to a new location, and owns the file in which it is stored and/or changes the access permissions for the file, typical systems may not detect his access. Similarly, a user with access permissions may copy a file into an unauthorized user's directory with the unauthorized user designated as the owner. Thus, the unauthorized user would have impermissible access to restricted data in many existing file systems.