SecConNet: Smart and Secure Container Networks for Trusted Big Data Sharing
Many organizations are interested in sharing data with others. However, they can do this only if a secure platform is available. Digital Data Marketplaces (DDMs) are emerging as a framework for organizations to share their data. To increase trust among participating organizations, multiple agreements should be established to determine policies about who has access to what. Translating these high-level sharing policies into actionable code, and setting up an infrastructure that implements and enforces the policies, is still a big challenge.
In SecConNet, we research novel container network architectures that use programmable infrastructures and virtualization technologies across multiple administrative domains while maintaining the security and quality requirements of requesting parties, for both private-sector and scientific use cases. Containers are lightweight alternatives to full-fledged virtual machines. A container can operate as a secure, isolated, individual entity that manages and processes the data it is given on behalf of its owner. However, for multi-organization (chain) applications, groups of containers need access to the same data and/or need to exchange data among themselves. Technologies to connect containers are developed with primary attention to their performance, but the greatest challenge is the creation of secure and reliable multi-domain container networks. We first investigate different technologies to evaluate their capabilities to support the network infrastructure requirements of secure data sharing. We then propose a P4-based network with which a multi-domain DDM can be built. Finally, we use the capabilities of the P4-based network to monitor the transactions in the DDM.