In SecConNet we research novel container network architectures, which utilize programmable infrastructures and virtualisation technologies across multiple administrative domains whilst maintaining security and quality requirements of requesting parties for both private sector and scientific use-cases. For this, we exploit semantically annotated infrastructure information together with the information on the business and application logic and apply policy engines and encryption to enforce the intents of the data owners in the infrastructure and thus increasing trust.
Containers are lightweight alternatives to full-fledged virtual machines. Containers provide scientific, industrial and business applications with versatile computing environments suitable to handle Big Data applications. A container can operate as a secure, isolated and individual entity that on behalf of its owner manages and processes the data it is given.
Containers can exploit policy engines and encryption to protect algorithms and data. However, for multi-organisation (chain) applications groups of containers need access to the same data and/or need to exchange data among them. Technologies to connect containers together are developed with primary attention to their performance, but the greatest challenge is the creation of secure and reliable multi-site, multi-domain container networks.
The project will deliver multiple models of container infrastructures as archetypes for Big Data applications. SecConNet will show that containers can efficiently map to available clouds and data centers, and can be interconnected to deliver these different operational models; these in turn can support a plethora of Big Data applications in domains such as life sciences, health and industrial applications.