Publication
CLOUD 2019
Conference paper

Cognitive compliance: Analyze, monitor and enforce compliance in the cloud

View publication

Abstract

IT compliance is an area of increasing attention and capital spend in enterprise IT environments. Enforcing compliance is a complex process, which involves following regulatory requirements coming from many, often overlapping sources, and mapping those requirements against a controls framework that implements them on the ground. In this paper, we propose a solution for streamlining the process of analyzing, monitoring and enforcing compliance in the cloud. We rely on text classification methodologies to match both regulatory requirements and controls against a common hierarchy. Finally, we explain how to use the text classification techniques to analyze the regulatory requirements, and match them to executable code that enforces these requirements in the cloud infrastructure components, such as in virtual machines and containers.

Date

Publication

CLOUD 2019

Authors

Share