Marie-Pascale Dupont

End-to-end privacy policy enforcement in cloud infrastructure

Privacy in the cloud is still a strong issue for the large adoption of cloud technologies by enterprises which fear to actually put their sensitive data in the cloud. There is indeed a need to have an efficient access control on the data stored and processed in the cloud infrastructure allowing to support the various business and country-based regulation constraints (e.g., on data location and co-location, data retention duration, data processing, node security level, tracing and audit). In this perspective, this paper presents a novel approach of end-to-end privacy policy enforcement over the cloud infrastructure and based on the sticky policy paradigm (a policy being bound to each sensitive data). In our approach the data protection is performed within the cloud nodes (e.g., within the internal file system of a VM or its attached volume) and is completely transparent for the applications (no need to modify the applications). This paper describes the concept and the proposed end-to-end architecture (from the client to the cloud nodes) as well as an implementation based on the FUSE (Filesystem in Userspace) technology. This implementation is executed on a scenario of data access and transfer control, and is also used to achieve performance evaluations. These evaluations show that, with a reasonable additional computation cost, this approach offers a flexible and transparent way to enforce various privacy constraints within the cloud infrastructure.

Privacy control in the cloud based on multilevel policy enforcement

The cloud computing paradigm is revolutionizing the delivery of information services as it offers several advantages in terms of cost reduction, time-to-market and flexibility. However, such flexibility raises many concerns related to security and privacy which are strong obstacles for the large adoption of the cloud by users who have to delegate too much control to the cloud provider. In this paper, we propose a new privacy control approach notably based on multilevel privacy policies bound to user data and enforced in the cloud at different levels (application and infrastructure). This approach allows the cloud users to control their data stored, processed and moved in the cloud.

Privacy Data Envelope: Concept and implementation

In this paper, we present a privacy control mechanism called PDE (Privacy Data Envelope) allowing users to protect their privacy sensitive content travelling over social and communication networks. Our solution is based on privacy policies expressed by the user and associated with his content. This approach makes use of a decentralized architecture carried out through a PDE feature that has to be added to the existing application access tools like email clients and web browsers. A prototype has been developed to embody the PDE paradigm and to illustrate a scenario where such envelopes cross the boundaries of enterprise social networks and other communications tools. Preliminary performance evaluations were done helping the understanding of the PDE plug-in behaviors and computation overhead.

Privacy Control in Cloud VM File Systems

Cloud Computing offers great benefits such as reduced IT costs and an improved business agility. Nevertheless, enterprises are still hesitant to put their sensitive data in the cloud as they notably fear privacy issues (e.g., violation of country-based regulations regarding the storage location of a sensitive data). In this context, this paper presents the demonstration of a privacy control technology that allows to protect sensitive files stored, processed, and moved in an IaaS cloud. In our approach, the privacy control is performed within the file system of the Virtual Machines (VM) and allows to control the access done by any application to each sensitive file. It notably covers business applications (e.g., provided by the cloud user) and system applications such as FTP (e.g., to prevent the transfer of a sensitive file in a not authorized country). Moreover, our technology allows to generate tamper-proof traces for any action performed on a sensitive file. In the demonstration, we then also show how the cloud user has a full view of the usage of his sensitive files (e.g., number of copies, storage locations, performed actions). Finally, the demonstration shows these different capabilities through a scenario of file access and cross-country transfer in a multi-platform cloud environment.

Adaptive notification framework for smart nursing home

This paper presents an adaptive notification framework which allows to optimally deliver and handle multimedia requests and alerts in a nursing home. This framework is operated with various applications (e.g., health alert, medicine reminder, and activity proposition) and has been evaluated with different real end-users (elderly resident and medical staff) in a pilot site. Results of these evaluations are presented and highlight the added value of the framework technology to enhance the quality of life of elderly people as well as the efficiency of the medical staff.