István, Zsolt ; Ponnapalli, Soujanya ; Chidambaram, Vijay (2021)
Software-Defined Data Protection: Low Overhead Policy Compliance at the Storage Layer is Within Reach!
In: Proceedings of the VLDB Endowment, 14 (7)
doi: 10.14778/3450980.3450986
Artikel, Bibliographie
Kurzbeschreibung (Abstract)
Most modern data processing pipelines run on top of a distributed storage layer, and securing the whole system, and the storage layer in particular, against accidental or malicious misuse is crucial to ensuring compliance to rules and regulations. Enforcing data protection and privacy rules, however, stands at odds with the requirement to achieve higher and higher access bandwidths and processing rates in large data processing pipelines. In this work we describe our proposal for the path forward that reconciles the two goals. We call our approach "Software-Defined Data Protection" (SDP). Its premise is simple, yet powerful: decoupling often changing policies from request-level enforcement allows distributed smart storage nodes to implement the latter at line-rate. Existing and future data protection frameworks can be translated to the same hardware interface which allows storage nodes to offload enforcement efficiently both for company-specific rules and regulations, such as GDPR or CCPA. While SDP is a promising approach, there are several remaining challenges to making this vision reality. As we explain in the paper, overcoming these will require collaboration across several domains, including security, databases and specialized hardware design.
| Typ des Eintrags: | Artikel |
|---|---|
| Erschienen: | 2021 |
| Autor(en): | István, Zsolt ; Ponnapalli, Soujanya ; Chidambaram, Vijay |
| Art des Eintrags: | Bibliographie |
| Titel: | Software-Defined Data Protection: Low Overhead Policy Compliance at the Storage Layer is Within Reach! |
| Sprache: | Englisch |
| Publikationsjahr: | März 2021 |
| Verlag: | VLDB Endowment |
| Titel der Zeitschrift, Zeitung oder Schriftenreihe: | Proceedings of the VLDB Endowment |
| Jahrgang/Volume einer Zeitschrift: | 14 |
| (Heft-)Nummer: | 7 |
| DOI: | 10.14778/3450980.3450986 |
| Kurzbeschreibung (Abstract): | Most modern data processing pipelines run on top of a distributed storage layer, and securing the whole system, and the storage layer in particular, against accidental or malicious misuse is crucial to ensuring compliance to rules and regulations. Enforcing data protection and privacy rules, however, stands at odds with the requirement to achieve higher and higher access bandwidths and processing rates in large data processing pipelines. In this work we describe our proposal for the path forward that reconciles the two goals. We call our approach "Software-Defined Data Protection" (SDP). Its premise is simple, yet powerful: decoupling often changing policies from request-level enforcement allows distributed smart storage nodes to implement the latter at line-rate. Existing and future data protection frameworks can be translated to the same hardware interface which allows storage nodes to offload enforcement efficiently both for company-specific rules and regulations, such as GDPR or CCPA. While SDP is a promising approach, there are several remaining challenges to making this vision reality. As we explain in the paper, overcoming these will require collaboration across several domains, including security, databases and specialized hardware design. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Distributed and Networked Systems |
| Hinterlegungsdatum: | 23 Jan 2023 12:46 |
| Letzte Änderung: | 28 Mär 2023 12:35 |
| PPN: | 506364569 |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum