Agile composition of compliant data analytics platforms

Abstract

Sensitive data such as health records and financialtransactions are increasingly being stored and processed inthe cloud. Correspondingly, laws and regulations have beenestablished to protect such data. For a cloud-based analyticsservice provider, it is of paramount importance to protect thesensitive information contained in customer data, while runninganalytics on it. While there exist a plethora of technologies tosafeguard data, regulatory rules are not always defined in cleartechnical terms, and different regulations may impose different(or sometimes conflicting) rules on the analytics platform. Therefore, it remains a challenge in developing a platform that cansupport various security and compliance-enabling mechanisms, in a agile fashion, to reduce maintenance effort as well asimproving scalability and performance. To address this challenge, we introduce the design and implementationof a cloud-based middleware platform that supportson-demand composition and configuration of security mechanismsto ease regulatory compliance enablement. We discussat length our experiences and lessons learned from using ourplatform to deploy secure analytics systems at IBM and highlightthe benefits of our approach by discussing the performanceimpact and trade-offs of different security mechanisms withrespect to regulatory compliance.