Slim Trabelsi

Data disclosure risk evaluation

Many companies have to share various types of information containing private data without being aware about the threats related to such non-controlled disclosure. Therefore we propose a solution to support these companies to evaluate the disclosure risk for all their types of data; by recommending the safest configurations using a smart bootstrapping system.

Data usage control in the future internet cloud

The increasing collection of private information from individuals is becoming a very sensitive issue for citizens, organizations, and regulators. Laws and regulations are evolving and new ones are continuously cropping up in order to try to control the terms of usage of these collected data, but generally not providing a real efficient solution. Technical solutions are missing to help and support the legislator, the data owners and the data collectors to verify the compliance of the data usage conditions with the regulations. Recent studies address these issues by proposing a policy-based framework to express data handling conditions and enforce the restrictions and obligations related to the data usage. In this paper, we first review recent research findings in this area, outlining the current challenges. In the second part of the paper, we propose a new perspective on how the users can control and visualize the use of their data stored in a remote server or in the cloud. We introduce a trusted event handler and a trusted obligation engine, which monitors and informs the user on the compliance with a previously agreed privacy policy.

Towards a trustworthy service marketplace for the future internet

Digital economy is moving towards offering advanced business services, integrated into different applications and consumed from heterogeneous devices. Considering the success of actual software marketplaces, it is possible to foresee that Service Marketplaces (SM) will play a key role for the future Internet of Services. At present, on all offered software, marketplace operators define requirements that are common, and are validated before admitting them. However, the requirements, the validation process, and its results are not completely evident to the service consumers, resulting in a significant shortcoming especially with respect to security characteristics. In addition, having common security requirements for all services and applications makes the validation possibly inadequate to address the specific requirements that consumers may have. In order to address these points, we propose the concept of a trustworthy service marketplace for the upcoming Internet of Services, where the security characteristics of services are certified and treated as first-class entities, represented in a machine-processable format. This allows service consumers --- either human end-users or computer agents --- to reason about these security features and to match them with their specific security requirements.

Privacy-aware policy matching

Security policies exchanged between applications are typically huge, complex and private. A server must publish these policies to permit any client that wants to use the service to match it with its own preferences and assess whether it complies with its security policy. This matching process consists of first verifying whether the client can access the service and then checks if the security policy of the server is compliant with the clients privacy preferences. In this paper we propose a privacy-aware policy matching model, where security policies and users preferences are represented as binary vectors using bloom filter vectors. These vectors can be published by the server without any risk of disclosing its security policy. When the client wants to match this vector to its preferences vector it just compares the two binary arrays, without disclosing its policy. The binary comparison is also much faster and cost effective than parsing two XML files.

Optimizing Access Control Performance for the Cloud

Cloud computing is synonym of high performance computing. It offers a very scalable infrastructure to deploy a huge number of systems and services without any impact of the performance. Such a wide distributed infrastructure, as for the traditional systems, requires authorization and access control mechanisms to ensure the basic security requirements to restrict the access to resources. To satisfy these requirements cloud providers still rely on the traditional authorization and access control systems that in some critical cases can generate performance issues. More the access control structure is complex (many authorization levels, many users and resources to protect), more the enforcement of the access control policies is slow. In this paper we propose a performance study for these traditional access control mechanisms demonstrating the overhead generated by the authorizations checking that can appear in extreme usage conditions. We propose a new approach to make access control systems more scalable and adapted to cloud computing high performance requirements. This approach is based on a high speed caching access control tree that accelerates the decision without impacting on the consistency of the rules. We compare the performance test results obtained by our solution to a traditional Access control system deployed in the cloud.

Towards Personal Data Identification and Anonymization Using Machine Learning Techniques

The requirements imposed by the new European personal Data Protection Regulation (GDPR) are applicable for all European citizens data processed anywhere in the world. The GDPR requires companies to identify, protect and make compliant their processing of personal data collected from European citizens. Identifying personal data in a non- structured set of big data can be a painful and cost-ineffective operation. In a static search or in a big data streaming mode, this kind of operation requires a huge human effort and/or computing resources, if done manually. The strain becomes event harder when after detection, one has to pseudo- or anonymize some pieces of information according to their category (name, address, age, etc.). The current approaches to identify personal data to anonymize are mainly based on text identification executed via regular expression scripts that are not dynamic enough to identify different formats of personal information.

Enhancing Access Control Trees for Cloud Computing

In their different facets and flavours, cloud services are known for their performance and scalability in the number of users and resources. Cloud computing therefore needs security mechanisms that have the same characteristics. The Access Control Tree (ACT) is an authorization mechanism proposed for cloud services due to its performances and scalability in the number of resources and users. After an initial set-up phase, the ACT permits to simplify the evaluation of an authorization request to a simple visit to the tree structure. Our contribution extends ACT towards instance-based access control models by allowing the expression and evaluation of conditions in access control decisions. We evaluated our contribution against an Open Source authorization mechanism to evaluate its performance and suitability to production settings. Early results seem encouraging with this respect.

Sharing data through confidential clouds: an architectural perspective

Cloud and mobile are two major computing paradigms that are rapidly converging. However, these models still lack a way to manage the dissemination and control of personal and business-related data. To this end, we propose a framework to control the sharing, dissemination and usage of data based on mutually agreed Data Sharing Agreements (DSAs). These agreements are enforced uniformly, and end-to-end, both on Cloud and mobile platforms, and may reflect legal, contractual or user-defined preferences. We introduce an abstraction layer that makes available the enforcement functionality across different types of nodes whilst hiding the distribution of components and platform specifics. We also discuss a set of different types of nodes that may run such a layer.

Re-Identification Risk Based Security Controls

Companies are taking more and more advantage of cloud architectures for their IT systems. By combining private and public cloud resources, it is possible to facilitate data submissions by customers and processing with third parties, among other advantages. But this represents also a potential threat to personal datas privacy and confidentiality. Even if legal obligations regulate the usage of personal data, for example requiring to disclose them in anonymised form, users do not have any visibility or control on data disclosure operations, nor on anonmymisation policies used by companies. To this extent, we propose a solution to establish and enforce data-centric security policies, in order to enable secure and compliant data processing operations. Our proposal is particularly fit for cloud architectures as it supports multiple actors with different roles, responsibilities and obligations. We also present a use case to demonstrate the peculiarities of our proposition.

Sharing Data for Public Security

Data sharing is a valuable tool for improving security. It allows integrating information from multiple sources to better identify and respond to global security threats. On the other side, sharing of data is limited by privacy and confidentiality. A possible solution is removing or obfuscating part of the data before release (anonymization), and, to this scope, various masking algorithms have been proposed. However, finding the right balance between privacy and the quality of data is often difficult, and it needs a fine calibration of the anonymization process. It includes choosing the ’best’ set of masking algorithms and an estimation of the risk in releasing the data. Both these processes are rather complex, especially for non-expert users. In this paper, we illustrate the typical issues in the anonymization process, and introduce a tool for assisting the user in the choice of the set of masking transformations. We also propose a caching system to speed up this process over multiple runs on similar datasets. Although, the current version has limited functionalities, and more extensive testing is needed, it is a first step in the direction of developing a user-friendly support tool for anonymization.