IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

Today big data pipelines are increasingly adopted by service applications representing a key enabler for enterprises to compete in the global market. However, the management of non-functional aspects of the big data pipeline (e.g., security, privacy) is still in its infancy. As a consequence, while functionally appealing, the big data pipeline does not provide a transparent environment, impairing the users' ability to evaluate its behavior. In this paper, we propose a security assurance methodology for big data pipelines grounded on the DevSecOps development paradigm to increase trustworthiness allowing reliable security and privacy by design. Our methodology models and annotates big data pipelines with non-functional requirements verified by assurance checks ensuring requirements to hold along with the pipeline lifecycle. The performance and quality of our methodology are evaluated in a real walkthrough analytics scenario.

A DevSecOps-based Assurance Process for Big Data Analytics / M. Anisetti, N. Bena, F. Berto, G. Jeon - In: 2022 IEEE International Conference on Web Services (ICWS)[s.l] : IEEE, 2022. - ISBN 978-1-6654-8143-4. - pp. 1-10 (( convegno ICWS tenutosi a Barcelona nel 2022 [10.1109/ICWS55610.2022.00017].

A DevSecOps-based Assurance Process for Big Data Analytics

M. Anisetti;N. Bena;F. Berto;
2022

Abstract

Today big data pipelines are increasingly adopted by service applications representing a key enabler for enterprises to compete in the global market. However, the management of non-functional aspects of the big data pipeline (e.g., security, privacy) is still in its infancy. As a consequence, while functionally appealing, the big data pipeline does not provide a transparent environment, impairing the users' ability to evaluate its behavior. In this paper, we propose a security assurance methodology for big data pipelines grounded on the DevSecOps development paradigm to increase trustworthiness allowing reliable security and privacy by design. Our methodology models and annotates big data pipelines with non-functional requirements verified by assurance checks ensuring requirements to hold along with the pipeline lifecycle. The performance and quality of our methodology are evaluated in a real walkthrough analytics scenario.
Assurance; Big Data; Trustworthiness; DevSecOps
Settore INF/01 - Informatica
   One Health Action Hub: task force di Ateneo per la resilienza di ecosistemi territoriali (1H_Hub) Linea Strategica 3, Tema One health, one earth
   1H_Hub
   UNIVERSITA' DEGLI STUDI DI MILANO

   MIND FoodS HUB
   REGIONE LOMBARDIA
2022
Book Part (author)
03 - Contributo in volume
File in questo prodotto:
File Dimensione Formato  
ABBJ.ICWS2022.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 749.22 kB
Formato Adobe PDF
Visualizza/Apri
749.22 kB Adobe PDF Visualizza/Apri
ABBJ.ICWS2022.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 1.91 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.91 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/938530
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? 1
social impact