Titulo Estágio
Big Data Self-Adaptable Security on the Cloud
Áreas de especialidade
Engenharia de Software
Local do Estágio
DEI/CISUC/SSE (and possibly CMU (USA)/Institute of Software Research)
Enquadramento
The Big Data era will be led by the individuals and companies that deliver platforms and tools for exploration and development, visualization, search and discovery, while guaranteeing security and scalability. Organizations are also assessing how to manage the volume, variety, and velocity of their information in an effort to find ways to take better decisions to improve their competiveness, efficiency and profitability. At the same time, businesses are increasingly moving their data centers into the cloud, in order to reduce the cost of infrastructure ownership and to provide added flexibility, as the amount of resources can vary flexibly with the evolution of the business.
In order to guarantee that data is not accessed by others, mechanisms have to be added that are very expensive in terms of processing. Preventive data security techniques are used for protecting data in advance of attacks.
Objetivo
In this project, we propose and test solutions to optimize data security in the cloud. On one hand, we need to investigate the use of a set of security techniques, such as encryption, masking, anonymity and access control, and also to apply and test a set of new techniques that we developed in the past. On the other hand, we need to adapt these approaches to a cloud environment and to guarantee elastic scalability and service level agreements. In terms of scalability and elasticity, it is necessary to guarantee that the system scales adequately in presence of specialized security and privacy techniques.
Self-adaptation techniques can be used in this context to provide architecture-based self-protection, thereby allowing reasoning about security properties in the context of other business properties, such as performance, cost, availability, etc. We plan to take advantage of some of the general patterns identified in “Architecture- based self-protecting software systems” work, and instantiate them in the context of Big Data protection in order to achieve scalable security, while making reasonable tradeoffs with other qualities. Moreover, this will imply the implementation of preventive techniques as adaptation tactics in Rainbow (a framework for architecture-based self-adaptation developed at CMU) that can be applied proactively to minimize the risks associated with potential threats.
Plano de Trabalhos - Semestre 1
This work includes the following activities:
(a) [2014-09-01 to 2014-10-31] Review of the state-of-the-art in data confidentiality techniques and current security mechanisms on the cloud;
(b) [2014-11-01 to 2015-01-31] Proposal of scalable security mechanisms for cloud data;
(c) [2014-12-01 to 2015-01-31] Write Thesis Proposal;
Plano de Trabalhos - Semestre 2
(d) [2015-02-01 to 2015-04-30] Implementation of prototype with scalable security mechanisms;
(e) [2014-11-01 to 2015-04-30] Experimental validation of the approaches;
(f) [2015-04-01 to 2015-05-31] Write a paper;
(g) [2015-03-01 to 2015-07-31] Write the thesis.
Condições
The work is to be executed at the laboratories of the CISUC’s Software and Systems Engineering Group and eventually at Institute of Software Research-Carnegie Mellon University (CMU). A work place will be provided as well as the required computational resources. The student will apply for a CMU-Portugal international internship during 8-12 weeks (http://www.cmuportugal.org/tiercontent.aspx?id=5204).
Observações
DEI Co-advisers:
- Pedro Furtado (pnf@dei.uc.pt) and Jorge Bernardino (jorge@isec.pt)
CMU Co-advisers: (?)
- Bradley Schmerl (schmerl+@cs.cmu.edu) and Javier Camara Moreno (jcmoreno@cs.cmu.edu)
Orientador
Pedro Furtado, Jorge Bernardino
pnf@dei.uc.pt 📩