Sûreté de fonctionnement dans le nuage de stockage / Dependability in cloud storage

Obame Meye, Pierre

01 December 2016

La quantité de données stockées dans le monde ne cesse de croître et cela pose des challenges aux fournisseurs de service de stockage qui doivent trouver des moyens de faire face à cette croissance de manière scalable, efficace, tout en optimisant les coûts. Nous nous sommes intéressés aux systèmes de stockage de données dans le nuage qui est une grande tendance dans les solutions de stockage de données. L'International Data Corporation (IDC) prédit notamment que d'ici 2020, environ 40% des données seront stockées et traitées dans le nuage. Cette thèse adresse les challenges liés aux performances d'accès aux données et à la sûreté de fonctionnement dans les systèmes de stockage dans le nuage. Nous avons proposé Mistore, un système de stockage distribué que nous avons conçu pour assurer la disponibilité des données, leur durabilité, ainsi que de faibles latences d'accès aux données en exploitant des zones de stockage dans les box, les Points de Présence (POP), et les centre de données dans une infrastructure Digital Subscriber Line (xDSL) d'un Fournisseur d'Accès à Internet (FAI). Dans Mistore, nous adressons aussi les problèmes de cohérence de données en fournissant plusieurs critères de cohérence des données ainsi qu'un système de versioning. Nous nous sommes aussi intéressés à la sécurité des données dans le contexte de systèmes de stockage appliquant une déduplication des données, qui est l'une des technologies les plus prometteuses pour réduire les coût de stockage et de bande passante réseau. Nous avons conçu une méthode de déduplication en deux phases qui est sécurisée contre des attaques d'utilisateurs malicieux tout en étant efficace en termes d'économie de bande passante réseau et d'espace de stockage. / The quantity of data in the world is steadily increasing bringing challenges to storage system providers to find ways to handle data efficiently in term of dependability and in a cost-effectively manner. We have been interested in cloud storage which is a growing trend in data storage solution. For instance, the International Data Corporation (IDC) predicts that by 2020, nearly 40% of the data in the world will be stored or processed in a cloud. This thesis addressed challenges around data access latency and dependability in cloud storage. We proposed Mistore, a distributed storage system that we designed to ensure data availability, durability, low access latency by leveraging the Digital Subscriber Line (xDSL) infrastructure of an Internet Service Provider (ISP). Mistore uses the available storage resources of a large number of home gateways and Points of Presence for content storage and caching facilities. Mistore also targets data consistency by providing multiple types of consistency criteria on content and a versioning system. We also considered the data security and confidentiality in the context of storage systems applying data deduplication which is becoming one of the most popular data technologies to reduce the storage cost and we design a two-phase data deduplication that is secure against malicious clients while remaining efficient in terms of network bandwidth and storage space savings.

Sûreté de fonctionnement

Nuage de stockage

Cloud storage

Systèmes distribués

Confidentialité des données

Déduplication

Dependability

Cloud storage

Distributed systems

Data consistency

Data placement

Data confidentiality

Deduplication

A obtenção e o emprego de informações pela administração tributária em face das normas de sigilo

Wasserman, Rafhael

25 May 2010

Made available in DSpace on 2016-04-26T20:30:29Z (GMT). No. of bitstreams: 1 Rafhael Wasserman.pdf: 2007952 bytes, checksum: 08ef0dea0aaba342671f03cfa8e93d38 (MD5) Previous issue date: 2010-05-25 / Conselho Nacional de Desenvolvimento Científico e Tecnológico / The scope of this study is to look into tax-related information from the moment it is seized to the moment it is used as evidence of fines and taxes levied. This study is justified due to the vulnerableness of the individual s fundamental right to privacy. The right to privacy, especially in terms of protection of financial and tax-related data, is protected by confidentiality provisions violated by amendments to the National Tax Code resulting from Supplementary Laws 104 and 105, both from January 10, 2001. Firstly, we will examine the Brazilian Revenue Service and the myriad of tools it has available to inspect the lives and activities of individuals and legal entities, from the right of scrutinizing accounting books, merchandise, files, and documents, to the right of imposing the duty to provide information on the taxpayer to financial institutions and the like. There is an undeniable tension between the forms of information gathering and the protection of confidential data. Among the kinds of confidentiality related to our topic, financial data confidentiality stands out. According to prevailing case law and scholarly opinions, financial data confidentiality can be moderated as a result of a court order. However, contrariwise, Supplementary Law 105/01 has authorized data to be directly turned over to the Revenue Service. This is a clear non-conformity with the current Brazilian constitutional system. Provided constitutional provisions are taken into account, tax-related information are undeniably subject to being transferred to the tax authorities, which, in turn, have the duty of keeping them from third parties due to the confidentiality clause. This second kind of data confidentiality protection ensures the same right to privacy by preventing said information from being disclosed to third parties. This provision was made more elastic by Supplementary Law 104/01. Likewise and for the same reasons as financial confidentiality, only a court order can break through the confidential nature of tax-related information. Tax-related data, provided they are lawfully obtained, can be employed by the tax authorities in order to produce evidence of taxes and fines levied, and issue deficiency notices. The evidence submitted by the Revenue Service shall be admitted as long as it respects the applicable constitutional and legal provisions, especially provisions related to individual rights and freedoms. We understand, differently from the current and prevailing literature, which seems to passively accept the full disclosure of tax-related information on taxpayers and third parties based on the recent Supplementary Laws , that although tax inspection fulfills the administration s revenue needs, its limits are drawn by constitutional provisions, which no other kind of legislation has the power to disregard / Este trabalho tem como escopo a análise das informações fiscais, do momento de sua apreensão à sua utilização, sobremodo como provas a lastrear a exigência de tributos e multas. Justifica-se a reflexão em razão da vulneração ao direito fundamental à privacidade dos cidadãos, tutelado por normas de sigilo de dados, em especial os sigilos financeiro e fiscal, por força das substanciais alterações ao texto do Código Tributário Nacional oriundas do advento das Leis Complementares nº 104 e 105, ambas de 10 de janeiro de 2001. Parte-se do exame da Administração Tributária e do vasto instrumental à sua disposição para fiscalizar as atividades desenvolvidas pelos particulares, desde o direito de examinar livros, mercadorias, arquivos e documentos dos sujeitos passivos, à imposição de deveres de informar a contribuintes e terceiros, como instituições financeiras e entes assemelhados. Observa-se uma inegável tensão entre essas formas de coleta de informações e o sigilo de dados. Dentre as espécies de sigilo de dados relacionadas à temática, desponta o sigilo financeiro, passível de relativização mediante decisão judicial, ao contrário do insculpido na Lei Complementar nº 105/01, que autoriza a transferência direta de dados à Fazenda Pública, em desconformidade à ordem constitucional vigente. Respeitadas as balizas constitucionais, as informações serão passíveis de comunicação às autoridades fiscais, que têm o dever de mantê-las afastadas do conhecimento alheio, por influxo do sigilo fiscal. Essa outra espécie de sigilo de dados atua na proteção do mesmo direito à privacidade, ao impedir a revelação de tais informações a terceiros, cujo regramento foi flexibilizado com a edição da Lei Complementar nº 104/01. Da mesma forma que o sigilo financeiro e pelas mesmas razões, o sigilo fiscal somente admite afastamento por meio de decisão judicial. Os dados de matiz tributário, quando licitamente produzidos, poderão ser apropriados por agentes fiscais na forma de provas a lastrear a exigência de tributos e multas, por meio da composição de atos administrativos de lançamento ou auto de infração. As provas constituídas pela Administração serão reputadas admissíveis desde que respeitadas as normas constitucionais e legais aplicáveis, mormente os direitos e garantias individuais. Entende-se contrariamente à tendência doutrinária atual, que aceita passivamente a ampla divulgação de informes fiscais relacionados a contribuintes e terceiros em decorrência da nova legislação complementar, pois a fiscalização tributária, embora indispensável à realização do interesse arrecadatório, encontra limites delineados pelo legislador constituinte, os quais não são superáveis por enunciados infraconstitucionais

Deveres instrumentais

Privacidade

Sigilo financeiro

Provas ilícitas

Administracao tributaria -- Brasil

Fiscalizacao tributaria -- Brasil

Direito a privacidade -- Brasil

Sigilo fiscal -- Brasil

Brazilian revenue service

Tax inspection

Instrumental rights

Privacy

Tax confidentiality

Financial data confidentiality

Unlawfully obtained evidence

Grid Fault management techniques: the case of a Grid environment with malicious entities

Akimana, Rachel

01 October 2008

<p>La tolérance et la gestion des fautes dans les grilles de données/calcul est d’une importance capitale. En effet, comme dans tout autre système distribué, les composants d’une grille sont susceptibles de tomber en panne à tout moment. Mais le risque de panne croît avec la taille du système, et est donc plus exacerbé dans un système de grille. En plus, tout en essayant de mettre à profit les ressources offertes par la grille, les applications tournant sur celle-ci sont de plus en plus complexes (ex. impliquent des interactions complexes, prennent des jours d’exécution), ce qui les rend plus vulnérables aux fautes. Le plus difficile dans la gestion des fautes dans une grille, c’est qu’il est difficile de savoir si une faute qui survient sur une entité de la grille est induite malicieusement ou accidentellement.<p><p>Dans notre travail de thèse, nous utilisons le terme faute, au sens large, pour faire référence à tout étant inattendu qui survient sur tout composant de la grille. Certains de ces états provoquent des comportements aussi inattendus et perceptibles au niveau de la grille tandis que d’autres passent inaperçues. De plus, certaines de ces fautes sont le résultat d’une action malveillante alors que d’autres surviennent accidentellement ou instantanément. Dans ce travail de thèse, nous avons traité le cas de ces fautes induites malicieusement, et qui généralement passent inaperçues. Nous avons considéré en particulier le problème de la confidentialité et de l’intégrité des données stockées à long-terme sur la grille.<p><p>L’étude de la confidentialité des données a été faite en deux temps dont la première partie concerne la confidentialité des données actives. Dans cette partie, nous avons considéré une application liée à la recherche des similitudes d’une séquence d’ADN dans une base de données contenant des séquences d’ADN et stockée sur la grille. Pour cela, nous avons proposé une méthode qui permet d’effectuer la comparaison sur un composant distant, mais tout en gardant confidentielle la séquence qui fait l’objet de la comparaison. <p>Concernant les données passives, nous avons proposé une méthode de partage des données confidentielles et chiffrés sur la grille.<p> <p>En rapport avec l’intégrité des données, nous avons considéré le cas des données anonymes dans le cadre de l’intégrité des données passives. Pour les données actives, nous avons considéré le problème de la corruption des jobs exécutés sur la grille. Pour chacune des cas, nous avons proposé des mécanismes permettant de vérifier l’authenticité des données utilisées ou produites par ces applications.<p> / Doctorat en Sciences / info:eu-repo/semantics/nonPublished

Sciences exactes et naturelles

Informatique générale

Computer system failures

Fault-tolerant computing

Data protection

Computational grids (Computer systems)

Pannes système (Informatique)

Tolérance aux fautes (Informatique)

Grilles informatiques

Grids

Faults

data integrity

data confidentiality

malicious entities

Towards Data and Model Confidentiality in Outsourced Machine Learning

Sharma, Sagar

05 September 2019

No description available.

Computer Science

Computer Engineering

outsource storage

machine learning computations

public cloud providers

cloud outsourcing

Cloud

privacy concerns

privacy attacks

data confidentiality

model confidentiality

confidential machine learning

CML frameworks

semantic security

Securing data dissemination in vehicular ad hoc networks

Aldabbas, Hamza

January 2012

Vehicular ad hoc networks (VANETs) are a subclass of mobile ad hoc networks (MANETs) in which the mobile nodes are vehicles; these vehicles are autonomous systems connected by wireless communication on a peer-to-peer basis. They are self-organized, self-configured and self-controlled infrastructure-less networks. This kind of network has the advantage of being able to be set-up and deployed anywhere and anytime because it has no infrastructure set-up and no central administration. Distributing information between these vehicles over long ranges in such networks, however, is a very challenging task, since sharing information always has a risk attached to it especially when the information is confidential. The disclosure of such information to anyone else other than the intended parties could be extremely damaging, particularly in military applications where controlling the dissemination of messages is essential. This thesis therefore provides a review of the issue of security in VANET and MANET; it also surveys existing solutions for dissemination control. It highlights a particular area not adequately addressed until now: controlling information flow in VANETs. This thesis contributes a policy-based framework to control the dissemination of messages communicated between nodes in order to ensure that message remains confidential not only during transmission, but also after it has been communicated to another peer, and to keep the message contents private to an originator-defined subset of nodes in the VANET. This thesis presents a novel framework to control data dissemination in vehicle ad hoc networks in which policies are attached to messages as they are sent between peers. This is done by automatically attaching policies along with messages to specify how the information can be used by the receiver, so as to prevent disclosure of the messages other than consistent with the requirements of the originator. These requirements are represented as a set of policy rules that explicitly instructs recipients how the information contained in messages can be disseminated to other nodes in order to avoid unintended disclosure. This thesis describes the data dissemination policy language used in this work; and further describes the policy rules in order to be a suitable and understandable language for the framework to ensure the confidentiality requirement of the originator. This thesis also contributes a policy conflict resolution that allows the originator to be asked for up-to-date policies and preferences. The framework was evaluated using the Network Simulator (NS-2) to provide and check whether the privacy and confidentiality of the originators’ messages were met. A policy-based agent protocol and a new packet structure were implemented in this work to manage and enforce the policies attached to packets at every node in the VANET. Some case studies are presented in this thesis to show how data dissemination can be controlled based on the policy of the originator. The results of these case studies show the feasibility of our research to control the data dissemination between nodes in VANETs. NS-2 is also used to test the performance of the proposed policy-based agent protocol and demonstrate its effectiveness using various network performance metrics (average delay and overhead).

005.1

Cloud data storage security based on cryptographic mechanisms / La sécurité des données stockées dans un environnement cloud, basée sur des mécanismes cryptographiques

Kaaniche, Nesrine

15 December 2014

Au cours de la dernière décennie, avec la standardisation d’Internet, le développement des réseaux à haut débit, le paiement à l’usage et la quête sociétale de la mobilité, le monde informatique a vu se populariser un nouveau paradigme, le Cloud. Le recours au cloud est de plus en plus remarquable compte tenu de plusieurs facteurs, notamment ses architectures rentables, prenant en charge la transmission, le stockage et le calcul intensif de données. Cependant, ces services de stockage prometteurs soulèvent la question de la protection des données et de la conformité aux réglementations, considérablement due à la perte de maîtrise et de gouvernance. Cette dissertation vise à surmonter ce dilemme, tout en tenant compte de deux préoccupations de sécurité des données, à savoir la confidentialité des données et l’intégrité des données. En premier lieu, nous nous concentrons sur la confidentialité des données, un enjeu assez considérable étant donné le partage de données flexible au sein d’un groupe dynamique d’utilisateurs. Cet enjeu exige, par conséquence, un partage efficace des clés entre les membres du groupe. Pour répondre à cette préoccupation, nous avons, d’une part, proposé une nouvelle méthode reposant sur l’utilisation de la cryptographie basée sur l’identité (IBC), où chaque client agit comme une entité génératrice de clés privées. Ainsi, il génère ses propres éléments publics et s’en sert pour le calcul de sa clé privée correspondante. Grâce aux propriétés d’IBC, cette contribution a démontré sa résistance face aux accès non autorisés aux données au cours du processus de partage, tout en tenant compte de deux modèles de sécurité, à savoir un serveur de stockage honnête mais curieux et un utilisateur malveillant. D’autre part, nous définissons CloudaSec, une solution à base de clé publique, qui propose la séparation de la gestion des clés et les techniques de chiffrement, sur deux couches. En effet, CloudaSec permet un déploiement flexible d’un scénario de partage de données ainsi que des garanties de sécurité solides pour les données externalisées sur les serveurs du cloud. Les résultats expérimentaux, sous OpenStack Swift, ont prouvé l’efficacité de CloudaSec, en tenant compte de l’impact des opérations cryptographiques sur le terminal du client. En deuxième lieu, nous abordons la problématique de la preuve de possession de données (PDP). En fait, le client du cloud doit avoir un moyen efficace lui permettant d’effectuer des vérifications périodiques d’intégrité à distance, sans garder les données localement. La preuve de possession se base sur trois aspects : le niveau de sécurité, la vérification publique, et les performances. Cet enjeu est amplifié par des contraintes de stockage et de calcul du terminal client et de la taille des données externalisées. Afin de satisfaire à cette exigence de sécurité, nous définissons d’abord un nouveau protocole PDP, sans apport de connaissance, qui fournit des garanties déterministes de vérification d’intégrité, en s’appuyant sur l’unicité de la division euclidienne. Ces garanties sont considérées comme intéressantes par rapport à plusieurs schémas proposés, présentant des approches probabilistes. Ensuite, nous proposons SHoPS, un protocole de preuve de possession de données capable de traiter les trois relations d’ensembles homomorphiques. SHoPS permet ainsi au client non seulement d’obtenir une preuve de la possession du serveur distant, mais aussi de vérifier que le fichier, en question, est bien réparti sur plusieurs périphériques de stockage permettant d’atteindre un certain niveau de la tolérance aux pannes. En effet, nous présentons l’ensemble des propriétés homomorphiques, qui étend la malléabilité du procédé aux propriétés d’union, intersection et inclusion / Recent technological advances have given rise to the popularity and success of cloud. This new paradigm is gaining an expanding interest, since it provides cost efficient architectures that support the transmission, storage, and intensive computing of data. However, these promising storage services bring many challenging design issues, considerably due to the loss of data control. These challenges, namely data confidentiality and data integrity, have significant influence on the security and performances of the cloud system. This thesis aims at overcoming this trade-off, while considering two data security concerns. On one hand, we focus on data confidentiality preservation which becomes more complex with flexible data sharing among a dynamic group of users. It requires the secrecy of outsourced data and an efficient sharing of decrypting keys between different authorized users. For this purpose, we, first, proposed a new method relying on the use of ID-Based Cryptography (IBC), where each client acts as a Private Key Generator (PKG). That is, he generates his own public elements and derives his corresponding private key using a secret. Thanks to IBC properties, this contribution is shown to support data privacy and confidentiality, and to be resistant to unauthorized access to data during the sharing process, while considering two realistic threat models, namely an honest but curious server and a malicious user adversary. Second, we define CloudaSec, a public key based solution, which proposes the separation of subscription-based key management and confidentiality-oriented asymmetric encryption policies. That is, CloudaSec enables flexible and scalable deployment of the solution as well as strong security guarantees for outsourced data in cloud servers. Experimental results, under OpenStack Swift, have proven the efficiency of CloudaSec in scalable data sharing, while considering the impact of the cryptographic operations at the client side. On the other hand, we address the Proof of Data Possession (PDP) concern. In fact, the cloud customer should have an efficient way to perform periodical remote integrity verifications, without keeping the data locally, following three substantial aspects : security level, public verifiability, and performance. This concern is magnified by the client’s constrained storage and computation capabilities and the large size of outsourced data. In order to fulfill this security requirement, we first define a new zero-knowledge PDP proto- col that provides deterministic integrity verification guarantees, relying on the uniqueness of the Euclidean Division. These guarantees are considered as interesting, compared to several proposed schemes, presenting probabilistic approaches. Then, we propose SHoPS, a Set-Homomorphic Proof of Data Possession scheme, supporting the 3 levels of data verification. SHoPS enables the cloud client not only to obtain a proof of possession from the remote server, but also to verify that a given data file is distributed across multiple storage devices to achieve a certain desired level of fault tolerance. Indeed, we present the set homomorphism property, which extends malleability to set operations properties, such as union, intersection and inclusion. SHoPS presents high security level and low processing complexity. For instance, SHoPS saves energy within the cloud provider by distributing the computation over multiple nodes. Each node provides proofs of local data block sets. This is to make applicable, a resulting proof over sets of data blocks, satisfying several needs, such as, proofs aggregation

Stockage des données dans le cloud

Confidentialité des données

Intégrité des données

Preuve de possession de données

Sécurité des données dans le cloud

Cryptographie basée sur l'identité

Cryptographie homomorphique

Preuve sans apport de connaissance

Cloud data storage

Data confidentiality

Data integrity

Proof of data possession

Cloud data security

Identity based cryptography

Homomorphic cryptography

Zero-knowledge proofs