(Français) Projet TRUSTINCloudS

Cybersecurity of Cloud infrastructures

— Preview

Development of solutions for the major cybersecurity challenges specific to Cloud environments, to ensure the confidentiality, integrity and availability of data, applications and services

Aymen Boudguiga

Keywords : Privacy, Integrity, Application, Data, Cloud

The work carried out in this project aims to adapt traditional security mechanisms (e.g. PEPR Cyber) to the characteristics of the Cloud, in order to deal with the threats specific to different types of Cloud (IaaS, PaaS, …). The main objective of TRUSTINCloudS is to study and develop new methodologies for strengthening Cloud security, and to implement them in platforms in order to build a sovereign and trusted Cloud. It will also raise awareness of the possibilities and limitations of these methodologies. The project is organized in such a way as to work on the one hand on the security of infrastructures, and on the other on the security of the data that these infrastructures host. The project will carry out scientific work on these two major themes, with the aim of developing new methods and tools for securing infrastructures and data. Where relevant, this theoretical work will give rise to prototype implementations for proof-of-concept purposes. We will be using the shared SILECS infrastructure of the PEPR Cloud.

— Missions

— Our researches

The project is organized into 6 work packages. The first work package (work package 0) is dedicated to the management, monitoring and smooth running of the project.

Identification and management of infrastructure cyber risks

Specifies methods for risk analysis, threat identification and auditing of dynamic and collaborative Cloud infrastructures


Protection, detection and response for infrastructure

Proposes security policies for these infrastructures, and in particular studies the protection, detection and incident response mechanisms to be applied. It defines countermeasures to the risks identified in lot 1, to ensure that these do not lead to malicious activities or cyber-attacks.


Identifying and managing cyber risks to data

Identifies the risks associated with data managed in the Cloud. It specifies data management methods, studies their ethical uses and assesses users’ acceptability of them.


Data protection, detection and response

Specifies protection solutions for sensitive data using cryptographic techniques or distributed registers


Experiments

Prototyping and validation through proofs of concept

— Partners

Consortium

CEA, IMT, EURECOM, Inria, Université Toulouse 3 Paul Sabatier, Université d’Aix-Marseille, Université de Lorraine, Université Toulouse Capitole, CNRS

— Research team

29 Permanent staff (not financed by the project)
30 Project-funded staff, including :
20 PhD students
9 post-docs
1 engineer

Our teams in France


Other projects


Comments are closed.