Compliance-Aware Provisioning of Containers on Cloud

Deploying applications in containers has several advantages, such as rapid development, portability across different machines, and simplified maintenance. In a cloud computing environment, container scheduling algorithms coordinate with different aspects of physical systems, such as memory allocation for tasks of different users. The scheduled containers on a host may process sensitive data. For instance, containers may process healthcare information. In that case, diverse cloud environments with different components and subsystems may lead to a potential personal health information leakage and violation of data privacy. In this paper, we introduce a novel compliance-aware analysis model for provisioning containers in the cloud, that provides a HIPAA compliance model. The proposed method dynamically analyzes different requirements of HIPAA complaint containers (HIPAA parameters) and their associated risk values. Based on the risk optimization of the compliance parameters for data security and data privacy of the containers, our proposed method determines scheduling of containers that offer the lowest risk to healthcare data and to the compliance posture of the container. The model describes the resources that are associated with highlevel risks and provides real-time resource recommendation for a container scheduler to decrease the risk of HIPAA compliance violation.

[1]  T. S. Eugene Ng,et al.  The Impact of Virtualization on Network Performance of Amazon EC2 Data Center , 2010, 2010 Proceedings IEEE INFOCOM.

[2]  Justine Sherry,et al.  Silo: Predictable Message Latency in the Cloud , 2015, Comput. Commun. Rev..

[3]  James J. Filliben,et al.  Comparing VM-Placement Algorithms for On-Demand Clouds , 2011, CloudCom.

[4]  J. Cleveland,et al.  Guidelines for infection control in dental health-care settings--2003. , 2003, MMWR. Recommendations and reports : Morbidity and mortality weekly report. Recommendations and reports.

[5]  G. Annas HIPAA regulations - a new era of medical-record privacy? , 2003, The New England journal of medicine.

[6]  H. Sebastian Seung,et al.  Algorithms for Non-negative Matrix Factorization , 2000, NIPS.

[7]  Andrzej Cichocki,et al.  Fast Local Algorithms for Large Scale Nonnegative Matrix and Tensor Factorizations , 2009, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[8]  Chih-Jen Lin,et al.  Projected Gradient Methods for Nonnegative Matrix Factorization , 2007, Neural Computation.

[9]  Mukesh Singhal,et al.  An Efficient Parallel Implementation of a Light-weight Data Privacy Method for Mobile Cloud Users , 2016, 2016 Seventh International Workshop on Data-Intensive Computing in the Clouds (DataCloud).

[10]  S. Thacker HIPAA Privacy Rule and Public Health , 2003 .

[11]  Mukesh Singhal,et al.  A Light-Weight Permutation Based Method for Data Privacy in Mobile Cloud Computing , 2015, 2015 3rd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering.

[12]  Tom Caddy,et al.  Fips 140-2 , 2005, Encyclopedia of Cryptography and Security.

[13]  George N. Rouskas,et al.  The SILO Architecture for Services Integration, controL, and Optimization for the Future Internet , 2007, 2007 IEEE International Conference on Communications.

[14]  Stefan Lukits,et al.  Maximum Entropy and Probability Kinematics Constrained by Conditionals , 2015, Entropy.