Today big data pipelines are increasingly adopted by service applications representing a key enabler for enterprises to compete in the global market. However, the management of non-functional aspects of the big data pipeline (e.g., security, privacy) is still in its infancy. As a consequence, while functionally appealing, the big data pipeline does not provide a transparent environment, impairing the users' ability to evaluate its behavior. In this paper, we propose a security assurance methodology for big data pipelines grounded on the DevSecOps development paradigm to increase trustworthiness allowing reliable security and privacy by design. Our methodology models and annotates big data pipelines with non-functional requirements verified by assurance checks ensuring requirements to hold along with the pipeline lifecycle. The performance and quality of our methodology are evaluated in a real walkthrough analytics scenario.
A DevSecOps-based Assurance Process for Big Data Analytics / M. Anisetti, N. Bena, F. Berto, G. Jeon - In: 2022 IEEE International Conference on Web Services (ICWS)[s.l] : IEEE, 2022. - ISBN 978-1-6654-8143-4. - pp. 1-10 (( convegno ICWS tenutosi a Barcelona nel 2022 [10.1109/ICWS55610.2022.00017].
A DevSecOps-based Assurance Process for Big Data Analytics
M. Anisetti;N. Bena;F. Berto;
2022
Abstract
Today big data pipelines are increasingly adopted by service applications representing a key enabler for enterprises to compete in the global market. However, the management of non-functional aspects of the big data pipeline (e.g., security, privacy) is still in its infancy. As a consequence, while functionally appealing, the big data pipeline does not provide a transparent environment, impairing the users' ability to evaluate its behavior. In this paper, we propose a security assurance methodology for big data pipelines grounded on the DevSecOps development paradigm to increase trustworthiness allowing reliable security and privacy by design. Our methodology models and annotates big data pipelines with non-functional requirements verified by assurance checks ensuring requirements to hold along with the pipeline lifecycle. The performance and quality of our methodology are evaluated in a real walkthrough analytics scenario.File | Dimensione | Formato | |
---|---|---|---|
ABBJ.ICWS2022.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
749.22 kB
Formato
Adobe PDF
|
749.22 kB | Adobe PDF | Visualizza/Apri |
ABBJ.ICWS2022.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
1.91 MB
Formato
Adobe PDF
|
1.91 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.