Specification and deployment of integrated Security Policy for Outsourced Data

Anis Bkakria 1, 2
1 Lab-STICC_TB_CID_SFIIS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : Recent advance in cloud computing has transformed the way information is managed and consumed. Cloud service providers are increasingly required to take responsibility for the storage as well as the effcient and reliable sharing of information, thus carrying out a "data outsourcing" architecture. Despite that outsourcing information on Cloud service providers may cut down data owners' responsibility of managing data while increasing data availability, data owners hesitate to fully trust Cloud service providers to protect their outsourced data. Recent data breaches on Cloud storage providers have exacerbated these security concerns. In response, security designers defined approaches that provide high level security assurance, such as encrypting data before outsourcing them to Cloud servers. Such traditional approaches bring however the disadvantage of prohibiting useful information release. This raises then the need to come up with new models and approaches for defining and enforcing security and utility policies on outsourced data. This thesis aims to address this trade-off, while considering two kind of security policies. In the first hand, we focus on confidentiality policies specification and enforcement, which requires enforcing the secrecy of outsourced data stored by an untrusted Cloud service provider, while providing an efficient use (e.g., searching and computing) of the outsourced data by different authorized users. On the other hand, we address the problem of heterogeneous security policies (e.g., confidentiality requirements, privacy requirements, ownership requirements, etc) specification and deployment.
Document type :
Theses
Complete list of metadatas

Cited literature [137 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/tel-01272737
Contributor : Bibliothèque Télécom Bretagne <>
Submitted on : Thursday, February 11, 2016 - 12:22:24 PM
Last modification on : Monday, February 25, 2019 - 3:14:15 PM
Long-term archiving on : Saturday, November 12, 2016 - 5:47:27 PM

File

2015telb0376_Bkakria Anis.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : tel-01272737, version 1

Citation

Anis Bkakria. Specification and deployment of integrated Security Policy for Outsourced Data. Computer science. Télécom Bretagne; Université de Rennes 1, 2015. English. ⟨tel-01272737⟩

Share

Metrics

Record views

321

Files downloads

375