Description
Date depot: 1 janvier 1900
Titre: Mécanismes de sécurité et de protection de données privées pour le Cloud Computing
Directeur de thèse:
Refik MOLVA (Eurecom)
Domaine scientifique: Sciences et technologies de l'information et de la communication
Thématique CNRS : Non defini
Resumé:
Security and Privacy Mechanisms for Cloud Computing
In the last decade, information technologies have been governed by a major trend towards outsourcing data storage and computations to third party services. Among various distributed computing scenarios such as web applications, service oriented architectures, and social networks, cloud computing appears to be the most prominent outsourcing approach adopted by the computing industry. Cloud computing in particular and outsourcing in general offer a number of advantages in terms of reduced cost of ownership and maintenance, elasticity, and scalability. Yet these advantages come at the expense of serious security and privacy breeches that are inherent to the underlying outsourcing model whereby the handling of sensitive data and computations relies on potentially untrusted parties such as the cloud service providers and further providers for the application and communication services. Classical security mechanisms such as data encryption and integrity unfortunately fall short of countering these privacy and security violations in the original setting whereby the performance advantages and the resulting extensive service offerings can still be kept. The main objective of research in this field is to come up with new solutions for end-to-end security and privacy geared toward the users that would be compatible with the basic principle of outsourcing, that is, based on these new solutions, the untrusted third parties would be able to perform basic operations on users’ data and programs while preserving the effect of end-to-end protections. For instance, when it comes to data confidentiality, the goal would be to design a new encryption mechanism that would allow the cloud provider to perform data handling operations over data segments encrypted by users without having to decrypt. Current research in this field focuses on various aspects of confidentiality and integrity with the constraint of compatibility with basic cloud storage and computation mechanisms.
Doctorant.e: Vasilopoulos Dimitrios