Application et assurance autonomes de propriétés de sécurité dans un environnement d’informatique en nuage

Abstract : Cloud environnements are heterogeneous and dynamic, which makes them difficult to protect. In this thesis, we introduce a language and an architecture that can be used to express and enforce security properties in a Cloud. The language allows a Cloud user to express his security requirements without specifying how they will be enforced. The language is based on contexts (to abstract the resources) and properties (to express the security requirements). The properties are then enforced through an autonomic architecture using existing and available security mechanisms (such as SELinux, PAM, iptables, or firewalld). This architecture abstracts and reuses the security capabilities of existing mechanisms. A security property is thus defined by a combination of capabilities and can be enforced through the collaboration of several mechanisms. The mechanisms are then automatically configured according to the user-defined properties. Moreover, the architecture offers an assurance system to detect the failure of a mechanism or an enforcement error. Therefore, the architecture can address any problem, for instance by re-applying a property using different mechanisms. Lastly, the assurance system provides an evaluation of the properties enforcement. This thesis hence offers an autonomic architecture to enforce and assure security in Cloud environnements.
Document type :
Theses
Complete list of metadatas

Cited literature [118 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-01280846
Contributor : Abes Star <>
Submitted on : Tuesday, March 1, 2016 - 11:22:06 AM
Last modification on : Thursday, January 17, 2019 - 3:10:02 PM
Long-term archiving on : Tuesday, May 31, 2016 - 10:46:45 AM

File

aline_bousquet_3139.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01280846, version 1

Collections

Citation

Aline Bousquet. Application et assurance autonomes de propriétés de sécurité dans un environnement d’informatique en nuage. Cryptographie et sécurité [cs.CR]. Université d'Orléans, 2015. Français. ⟨NNT : 2015ORLE2012⟩. ⟨tel-01280846⟩

Share

Metrics

Record views

650

Files downloads

979