Design choices for productive, secure, data-intensive research at scale in the cloud

08/23/2019

∙

We present a policy and process framework for secure environments for productive data science research projects at scale, by combining prevailing data security threat and risk profiles into five sensitivity tiers, and, at each tier, specifying recommended policies for data classification, data ingress, software ingress, data egress, user access, user device control, and analysis environments. By presenting design patterns for security choices for each tier, and using software defined infrastructure so that a different, independent, secure research environment can be instantiated for each project appropriate to its classification, we hope to maximise researcher productivity and minimise risk, allowing research organisations to operate with confidence.

READ FULL TEXT

Design choices for productive, secure, data-intensive research at scale in the cloud

ShEF: Shielded Enclaves for Cloud FPGAs

Enabling Secure and Effective Biomedical Data Sharing through Cyberinfrastructure Gateways

A Secure Cloud with Minimal Provider Trust

secureTF: A Secure TensorFlow Framework

SoK: Opportunities for Software-Hardware-Security Codesign for Next Generation Secure Computing

A Framework for the Interoperability of Cloud Platforms: Towards FAIR Data in SAFE Environments

Rpkiller: Threat Analysis from an RPKI Relying Party Perspective

Design choices for productive, secure, data-intensive research at scale in the cloud

Related Research

ShEF: Shielded Enclaves for Cloud FPGAs

Enabling Secure and Effective Biomedical Data Sharing through Cyberinfrastructure Gateways

A Secure Cloud with Minimal Provider Trust

secureTF: A Secure TensorFlow Framework

SoK: Opportunities for Software-Hardware-Security Codesign for Next Generation Secure Computing

A Framework for the Interoperability of Cloud Platforms: Towards FAIR Data in SAFE Environments

Rpkiller: Threat Analysis from an RPKI Relying Party Perspective