TY - UNPB
T1 - Design choices for productive, secure, data-intensive research at scale in the cloud
AU - Arenas, Diego
AU - Atkins, Jon
AU - Austin, Claire
AU - Beavan, David
AU - Egea, Alvaro Cabrejas
AU - Carlysle-Davies, Steven
AU - Carter, Ian
AU - Clarke, Rob
AU - Cunningham, James
AU - Doel, Tom
AU - Forrest, Oliver
AU - Gabasova, Evelina
AU - Geddes, James
AU - Hetherington, James
AU - Jersakova, Radka
AU - Kiraly, Franz
AU - Lawrence, Catherine
AU - Manser, Jules
AU - O'Reilly, Martin T.
AU - Robinson, James
AU - Sherwood-Taylor, Helen
AU - Tierney, Serena
AU - Vallejos, Catalina A.
AU - Vollmer, Sebastian
AU - Whitaker, Kirstie
PY - 2019/8/23
Y1 - 2019/8/23
N2 - We present a policy and process framework for secure environments for productive data science research projects at scale, by combining prevailing data security threat and risk profiles into five sensitivity tiers, and, at each tier, specifying recommended policies for data classification, data ingress, software ingress, data egress, user access, user device control, and analysis environments. By presenting design patterns for security choices for each tier, and using software defined infrastructure so that a different, independent, secure research environment can be instantiated for each project appropriate to its classification, we hope to maximise researcher productivity and minimise risk, allowing research organisations to operate with confidence.
AB - We present a policy and process framework for secure environments for productive data science research projects at scale, by combining prevailing data security threat and risk profiles into five sensitivity tiers, and, at each tier, specifying recommended policies for data classification, data ingress, software ingress, data egress, user access, user device control, and analysis environments. By presenting design patterns for security choices for each tier, and using software defined infrastructure so that a different, independent, secure research environment can be instantiated for each project appropriate to its classification, we hope to maximise researcher productivity and minimise risk, allowing research organisations to operate with confidence.
KW - cs.CR
U2 - 10.48550/arXiv.1908.08737
DO - 10.48550/arXiv.1908.08737
M3 - Preprint
SP - 1
EP - 23
BT - Design choices for productive, secure, data-intensive research at scale in the cloud
PB - arXiv
ER -