Section: Partnerships and Cooperations

Regional Initiatives

• Région Bretagne ARED grant: the PhD of Regina Marin on privacy protection in distributed social networks is supported by a grant from the Région Bretagne.

• Labex COMINLAB contract (2012-2015): “POSEIDON”

  POSEIDON deals with the protection of data in outsourced or shared systems such as cloud computing and peer-to-peer networks. While these approaches are very promising solutions to outsource storage space, contents, data and services, they also raise serious security and privacy issues since users lose their sovereignty on their own data, services and systems. Instead of trying to prevent the bad effects of the cloud and of peer-to-peer systems, the main objective of the POSEIDON project is to turn benefit from their main characteristics (distribution, decentralization, multiple authorities, etc.) to improve the security and the privacy of the users' data, contents and services.

  This project is conducted in cooperation with Télécom Bretagne and Université de Rennes I. The PhD of Julien Lolive (co-supervised by Sébastien Gambs and Caroline Fontaine), which deals with the entwining of identification and privacy mechanisms, is funded by the POSEIDON project.

• Labex COMINLAB contract (2012-2015): “SecCloud”

  Nowadays attacks targeting the end-user and especially its web browser constitute a major threat. Indeed web browsers complexity has been continuously increasing leading to a very large attack surface. Among all possible threats, we tackle in the context of the SecCloud project those induced by client-side code execution (for example javascript, flash or html5).

  Existing security mechanisms such as os-level access control often only rely on users identity to enforce the security policy. Such mechanisms are not sufficient to prevent client-side browser attacks as the web browser is granted the same privileges as the user. Consequently, a malicious code can perform every actions that are allowed to the user. For instance, it can read and leak user private data (credit cart numbers, registered passwords, email contacts, etc.) or download and install malware.

  One possible approach to deal with such threats is to monitor information flows within the web browser in order to enforce a security information flow policy. Such a policy should allow to define fine-grained information flow rules between user data and distant web sites. This implies to propose an approach and to design and implement a mechanism that can handle both OS-level and browser-level information flows.

  Dynamically monitoring information flow at the web browser level may dramatically impact runtime performances of executed codes. Consequently, an important aspect of this work will be to benefit as far as possible from static analysis of application code. This static-dynamic hydride approach should reduce the number of verifications performed at run time.

  This study is conducted in cooperation with other Inria Teams (Ascola and Celtique). Deepak Subramanian is doing his PhD in the context of this project.

• Labex COMINLAB contract (2013-2016): “DeSceNt”

  In DeSceNt, we propose to investigate how decentralized home-based networks of plug computers can support personal clouds according to sound architectural principles, mechanisms, and programming abstractions. To fulfill this vision we see three core scientific challenges, which we think must be overcome. The first challenge, decentralized churn-poor design, arises from the nature of plug federations, which show much lower levels of churn than traditional peer-to-peer environments. The second challenge, quasi-causal consistency, is caused by the simultaneous needs to produce a highly scalable environment (potentially numbering millions of users), that also offers collaborative editing capabilities of mutable data-structures (to offer rich social interactions). The third and final challenge, intuitive data structures for plug programming, arises from the need by programmers for intuitive and readily reusable data-structures to rapidly construct rich and robust decentralized personal cloud applications.

  This study is conducted in cooperation with other teams (GDD Team (University of Nantes), EPI ASAP)