Browse ORBilu by Open Access
- What it is and what it isn't
- Green Road / Gold Road?
- Ready to Publish. Now What?
- How can I support the OA movement?
- Where can I learn more?
ORBilu is a project developed by
   Serge Abiteboul, au cœur des donnéesSchafer, Valerie  in Technique et Science Informatiques (2014) Des bases de données au « data déluge » actuel, Serge Abiteboul se passionne depuis plus de trente ans pour un domaine qui ne cesse d’évoluer et de nous confronter à de nouveaux défis, techniques, mais ... [more ▼] Des bases de données au « data déluge » actuel, Serge Abiteboul se passionne depuis plus de trente ans pour un domaine qui ne cesse d’évoluer et de nous confronter à de nouveaux défis, techniques, mais aussi sociétaux. Il a reçu en 2013 le prix Milner de la Royal Society et vient d’achever le projet Webdam sur la gestion des données, pour lequel il avait été lauréat en 2008 d’une bourse ERC. Membre de l’Académie des Sciences et du Conseil National du Numérique, président du conseil scientifique de la SIF, co-fondateur du blog binaire, Serge Abiteboul, chercheur à Inria, revient sur sa carrière, ses recherches et éclaire pour nous quelques-uns des enjeux que pose aujourd’hui le numérique. [less ▲] Detailed reference viewed: 75 (1 UL) CERTICLOUD, une plate-forme Cloud IaaS sécuriséeBertholon, Benoit ; Varrette, Sébastien ; Bouvry, Pascal in Technique et Science Informatiques (2012), 31(8-9-10), 1121-1152 The security issues raised by the Cloud paradigm are not always tackled from the user point of view. For instance, considering an Infrastructure-as-a-Service (IaaS) Cloud, it is currently impossible for a ... [more ▼] The security issues raised by the Cloud paradigm are not always tackled from the user point of view. For instance, considering an Infrastructure-as-a-Service (IaaS) Cloud, it is currently impossible for a user to certify in a reliable and secure way that the environment he deployed (typically a Virtual Machine (VM)) has not been corrupted, whether by malicious acts or not. Yet having this functionality would enhance the confidence on the IaaS provider and therefore attract new customers. This paper fills this need by proposing CERTICLOUD, a novel approach for the protection of IaaS platforms that relies on the concepts developed in the Trusted Computing Group (TCG) together with hardware elements, i.e., Trusted Platform Module (TPM) to offer a secured and reassuring environment. Those aspects are guaranteed by two protocols : TCRR and VerifyMyVM. When the first one asserts the integrity of a remote resource and permits to exchange a private symmetric key, the second authorizes the user to detect trustfully and on demand any tampering attempt on his running VM. These protocols being key components in the proposed framework, we take very seriously their analysis against known cryptanalytic attacks. This is testified by their successful validation by AVISPA and Scyther, two reference tools for the automatic verification of security protocols. The CERTICLOUD proposal is then detailed : relying on the above protocols, this platform provides the secure storage of users environments and their safe deployment onto a virtualization framework. While the physical resources are checked by TCRR, the user can execute on demand the VerifyMyVM protocol to verify the integrity of his deployed environment. Experimental results operated on a first prototype of CERTICLOUD over Nimbus demonstrate the feasibility and the low overhead of the approach, together with its easy implementation on recent commodity machines. [less ▲] Detailed reference viewed: 217 (4 UL)Un protocole de sauvegarde / reprise coordonné pour les applications à flot de données reconfigurablesBesseron, Xavier ; ; et alin Technique et Science Informatiques (2007) Detailed reference viewed: 101 (2 UL) |
||
