Methods are provided for enabling secure big data analytics in the cloud. A method includes reading a secure file, by a Secure Distributed File System in a public cloud service provider. The reading step includes computing a hash of a name of the secure file to obtain a hashed file name, finding metadata for the secure file using the hashed file name, retrieving a sharing policy identifier from the metadata, and obtaining authorization from an external entity to decrypt the secure file. The reading step further includes extracting a security key and encrypted data file names from the metadata using the sharing policy identifier, requesting one or more encrypted data files that form the secure file from a node of the public cloud service provider, and at least one of decrypting and reconstructing plaintext data for the secure file from the one or more encrypted data files.