Sécurité des Systèmes Distribués Virtualisés : De la Modélisation au Déploiement

This Thesis deals with security for virtualized distributed environments such as Clouds. In these environments, a client can access resources or services (compute, storage, etc.) on-demand without prior knowledge of the infrastructure underneath. These services are low-cost due to the mutualization of resources. As a result, the clients share a common infrastructure. However, the concentration of businesses and critical data makes Clouds more attractive for malicious users, especially when considering new attack vectors between tenants.Nowadays, Cloud providers offer default security or security by design which does not fit tenants' custom needs. This gap allows for multiple attacks (data thieft, malicious usage, etc.)In this Thesis, we propose a user-centric approach where a tenant models both its security needs as high-level properties and its virtualized application. These security objectives are based on a new logic dedicated to expressing system-based information flow properties. Then, we propose security-aware algorithm to automatically deploy the application and enforce the security properties. The enforcement can be realized by taking into account shared resources during placement decision and/or through the configuration of existing security mechanisms.Cette thèse s'intéresse à la sécurité des environnements virtualisés distribués type “Clouds” ou informatique en nuage. Dans ces environnements, le client bénéficie de ressources ou services (de calcul, stockage, etc.) à la demande sans connaissance de l'infrastructure sous-jacente. Ces services sont proposés à bas coût en mutualisant les ressources proposées aux clients. Ainsi, ces derniers se retrouvent à partager une infrastructure commune. Cependant, cette concentration des activités en fait une cible privilégiée pour un attaquant, d'autant plus intéressante que les Clouds présentent de nouveaux vecteurs d'attaque entre les clients du Clouds de part le partage des ressources. Actuellement, les fournisseurs de solutions de Cloud proposent une sécurité par défaut ne correspondant pas nécessairement aux besoins de sécurité des clients. Cet aspect est donc bien souvent négligé et cette situation donne lieu à de nombreux exemples d'attaques (vol de données, usage malicieux, etc.). Dans cette thèse, nous proposons une approche où le client spécifie ses besoins de sécurité ainsi que son application virtualisée au sein d'un modèle. Nous proposons notamment une nouvelle logique dédiée à l'expression de propriétés sur la propagation de l'information dans un système.Puis, nous proposons un déploiement automatique de ce modèle sur une infrastructure de type Cloud basée sur la virtualisation grâce à nos nouveaux algorithmes prenant en compte les propriétés de sécurité. Ces dernières sont assurées via un placement prenant en compte les risques d'attaques entre ressources partagées et/ou via la configuration de mécanismes de sécurité existants au sein du système

Information Flow for Secure Distributed Applications

PhD thesisPrivate and confidential information is increasingly stored online and increasingly being exposed due to human errors as well as malicious attacks. Information leaks threaten confidentiality, lead to lawsuits, damage enterprise reputations, and cost billion of dollars. While distributed computing architectures provide data and service integration, they also create information flow control problems due to the interaction complexity among service providers. A main problem is the lack of an appropriate programming model to capture expected information flow behaviors in these large distributed software infrastructures. This research tackles this problem by proposing a programming methodology and enforcement platform for application developers to protect and share their sensitive data. We introduce Aeolus, a new platform intended to make it easier to build distributed applications that avoid the unauthorized release of information. The Aeolus security model is based on information flow control but differs from previous work in ways that we believe make it easier to use and understand. In addition, Aeolus provides a number of new mechanisms (anonymous closures, compound tags, boxes, and shared volatile state) to ease the job of writing applications. This thesis provides examples to show how Aeolus features support secure distributed applications. It describes the system design issues and solutions in designing a prototype implementation and presents performance results that show our platform has low overhead

Occupational respiratory diseases

Shipping list no.: 87-222-P."September 1986."S/N 017-033-00425-1 Item 499-F-2Also available via the World Wide Web.Includes bibliographies and index

Multidisciplinary perspectives on Artificial Intelligence and the law

This open access book presents an interdisciplinary, multi-authored, edited collection of chapters on Artificial Intelligence (‘AI’) and the Law. AI technology has come to play a central role in the modern data economy. Through a combination of increased computing power, the growing availability of data and the advancement of algorithms, AI has now become an umbrella term for some of the most transformational technological breakthroughs of this age. The importance of AI stems from both the opportunities that it offers and the challenges that it entails. While AI applications hold the promise of economic growth and efficiency gains, they also create significant risks and uncertainty. The potential and perils of AI have thus come to dominate modern discussions of technology and ethics – and although AI was initially allowed to largely develop without guidelines or rules, few would deny that the law is set to play a fundamental role in shaping the future of AI. As the debate over AI is far from over, the need for rigorous analysis has never been greater. This book thus brings together contributors from different fields and backgrounds to explore how the law might provide answers to some of the most pressing questions raised by AI. An outcome of the Católica Research Centre for the Future of Law and its interdisciplinary working group on Law and Artificial Intelligence, it includes contributions by leading scholars in the fields of technology, ethics and the law.info:eu-repo/semantics/publishedVersio

Play Among Books

How does coding change the way we think about architecture? Miro Roman and his AI Alice_ch3n81 develop a playful scenario in which they propose coding as the new literacy of information. They convey knowledge in the form of a project model that links the fields of architecture and information through two interwoven narrative strands in an “infinite flow” of real books

2011-2012 UNLV McNair Journal

Journal articles based on research conducted by undergraduate students in the McNair Scholars Program Table of Contents Biography of Dr. Ronald E. McNair Statements: Dr. Neal J. Smatresk, UNLV President Dr. Juanita P. Fain, Vice President of Student Affairs Dr. William W. Sullivan, Associate Vice President for Retention and Outreach Mr. Keith Rogers, Deputy Executive Director of the Center for Academic Enrichment and Outreach McNair Scholars Institute Staf