Objective

The value of secure elements for protecting software execution on a personal computer or on a server no longer needs to be demonstrated.

The emergence of cloud computing has led to a growing number of use cases that involve not a single computer but a group of connected computers. Server load balancing and distributed computing over a computing grid are examples of such situations. The cloud security challenge is not only to secure the software running on a single machine, but to manage and guarantee the security of a group or cluster of computers seen as a single entity. SEED4C therefore focuses on a new cloud security paradigm sustained by a cooperative point of enforcement approach. This would be achieved in SEED4C under the concept of Networks of Secure Elements (NoSEs).

Objectives

Because NoSEs facilitate security associations, can establish a trusted network of computers, and can manage security stipulations from a central standpoint to a distributed one, the project will aim to analyse their impact on the different layers of the architecture.

At the lower level, the form factor and physical interfaces of secure elements to the host will be studied, as well as the management of their life cycle. In particular, suitable bootstrapping mechanisms that make it possible to build the NoSE by leveraging initial secrets will be identified.

At an upper level, the definition and implementation of security and access control policies involving the secure elements will be specified, as well as the middleware solutions to interface with the corresponding functional blocks.

In addition, an important part of the project will focus on specific use cases and the effect of NoSEs on them. One particular use case focus will address privacy and identity management in the cloud. The project will study in particular how privacy and other data-related policies can take advantage of the presence of interconnected secure elements to guarantee user privacy by controlling who can access data, and how privacy can be maintained while data is moving in the cloud.