[foaf-dev] PhD position at the French LIFO Lab: "Access Control for Cloud computing"

Patrice Clemente patrice.clemente at ensi-bourges.fr
Fri May 18 19:30:18 EDT 2012


Apologies for multiple copies.
---------------------------------------------------
The French 'LIFO' Laboratory seeks a versatile, highly motivated PhD candidate to work on Cloud Computing Security. 
LIFO (Laboratoire d'Informatique Fondamentale d'Orléans) - France
---------------------------------------------------
PhD thesis subject: Access Control for Cloud computing

1. Subject description
The security of Cloud Computing is becoming highly critical for computer information systems. Many concrete examples have shown that public cloud architectures, such as Google, Twitter[a] or Amazon[b], didn’t provide enough security for their customers. Many problems occur: data corruption, data loss, information leakage [3], as well as problems of quality of service, and chain of responsibility.
The work to be done in this PhD thesis vill aim at securing cloud architectures, while letting the actors involved in the cloud services and usages, the ability to express themselves their security needs. To do that, they will use fine-grained and powerful security policies. The enforcement of those policies using a multi-level access control (AC) mechanism will be the keystone of this work. The AC engine will deal with SaaS (Software as a Service) policies, PaaS (Platform aaS) policies or IaaS (Infrastructure aaS) policies. The AC mechanism will transform policies from the SaaS level into PaaS or IaaS policies. Those policies will take into account:
- the security properties defined by the administrators; 
- the roles of the users, the roles of the services/applications, the roles of the virtual machines images and their resources; 
- the interconnection of the clouds; 
- the localization of the data and the services and 
- legal aspects (medical or institutional data); 
- the Service Level Agreement (SLA).
The AC enforcement will be done at any level (SaaS, PaaS, IaaS). The AC mechanism of each level (application, middleware, operating system, hypervisor) will cooperate with the others to provide a sufficient and homogeneous security guarantee at the global level. Particular attention will be paid to localization aspects: service isolation, server/data-center choice or security level choice.

[a] http://www.networkworld.com/news/2009/071509-theft-twitter-docs.html 
[b] https://blogs.oracle.com/gbrunett/entry/amazon_s3_silent_data_corruption

References
[1] S. Eludiora, O. O. Abiona, A. O. Oluwatope, A. I. Oluwaranti, C. E. Onime, and L. O. Kehinde. A user identity management protocol for cloud computing paradigm. International Journal of Communications, Network and System Sciences, 4(3):152– 163, 2011.
[2] S.-X.Luo,F.-M.Liu,andC.-L.Ren. A hierarchy attribute-based access control model for cloud storage. In International Conference on Machine Learning and Cybernetics (ICMLC), pages 1146–1150. IEEE, 2011.
[3] T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In E. Al-Shaer, S. Jha, and A. D. Keromytis, editors, ACM Conference on Computer and Communications Security, pages 199–212. ACM, 2009.

2. The Lab
The PhD will be done at the Laboratoire d’Informatique Fondamentale d’Orléans (LIFO), site of Bourges, directed by Pr Pascal Berthomé (SDS team), Pr Frédéric Loulergue (PaMDA team) and advised by Patrice Clemente (SDS team).
2.1 SDS – Security and Distributed Systems
The Security and Distributed Systems team, located in Bourges, in the National High School of Engineering (ENSI), in Bourges, France. This team involves professors and associate professors of the “Security and Technology in Computer Science” department. Their research activities are all focused on computer science security. Their objectives are: the protection of operating systems, the protection of high performance computing (HPC) systems and the protection of embedded systems. The SDS strength are the protection of operating systems and the protection of distributed computing architectures. The team has won the first national security challenge proposed by French National de Research Agency (ANR) by introducing a fully functional and highly protected operating systems for Internet.
2.2 PaMDA – Programming, MoDeling and verification of parallel and distributed Applications
The PaMDA team leads research activities both on software verification and distributed and parallel programming. Pr Frédéric Loulergue, member of the PaMDA team works on practical and formal aspects of design, programming and applications of structured parallels programming libraries and languages. In the international white project « Parallel Program Development with Algorithmic Skeletons » (http://traclifo.univ-orleans. fr/PaPDAS) in collaboration with the university of Tokyo and the technological university of Kochi, Pr F. Loulergue studies the systematic development of parallel programs and their verified compilation (using Coq) for an parallel extension of the C language, for shared and distributed memory. In the project « Cloud computing : experimentation and verification » (http://traclifo.univ-orleans.fr/INEX), he studies the systematic development of parallel programs and the proof of MapReduce programs for cloud computing.

3. Funding and application
The PhD may be funded by the french ministry of high education and research. The PhD candidate should hold a research-oriented Master's degree (MSc/MA) or an equivalent qualification, and have a strong background or demonstrable interest in:
- operating systems ;
- middlewares and distributed systems ;
- computer security ;

Please send to the following recipients a CV and a motivation letter, two recommendation letters and report card grades and/or Evaluation/Final marks of the three previous years. Those documents should also clearly provide the ranking of the student. A publication list would also be appreciated. 

IMPORTANT: The application should be sent – on or before May 31, 2012 by email to:
– Patrice Clemente (Patrice.Clemente at ensi-bourges.fr) 
– Pascal Berthomé (Pascal.Berthome at ensi-bourges.fr) 
– Frédéric Loulergue (Frederic.Loulergue at univ-orleans.fr)
The pre-selected candidates will have an interview with committees of the MIPTIS doctoral school and the LIFO Lab.

---------------------------------------------------
Patrice Clemente
Assistant Professor
National School of Engineers at Bourges
Security and Distributed Systems Team - LIFO
88 bld Lahitolle, 18020 Bourges cedex - France
Tel: +33 (0)2 48 48 40 63 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sds_pamda2012-en.pdf
Type: application/pdf
Size: 120712 bytes
Desc: not available
URL: <http://lists.foaf-project.org/pipermail/foaf-dev/attachments/20120519/c99e9ece/attachment-0001.pdf>


More information about the foaf-dev mailing list