About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
IC2E 2017
Conference paper
Agile composition of compliant data analytics platforms
Abstract
Sensitive data such as health records and financialtransactions are increasingly being stored and processed inthe cloud. Correspondingly, laws and regulations have beenestablished to protect such data. For a cloud-based analyticsservice provider, it is of paramount importance to protect thesensitive information contained in customer data, while runninganalytics on it. While there exist a plethora of technologies tosafeguard data, regulatory rules are not always defined in cleartechnical terms, and different regulations may impose different(or sometimes conflicting) rules on the analytics platform. Therefore, it remains a challenge in developing a platform that cansupport various security and compliance-enabling mechanisms, in a agile fashion, to reduce maintenance effort as well asimproving scalability and performance. To address this challenge, we introduce the design and implementationof a cloud-based middleware platform that supportson-demand composition and configuration of security mechanismsto ease regulatory compliance enablement. We discussat length our experiences and lessons learned from using ourplatform to deploy secure analytics systems at IBM and highlightthe benefits of our approach by discussing the performanceimpact and trade-offs of different security mechanisms withrespect to regulatory compliance.