SUPERCLOUD: User-Centric Management of Security and Dependability in Clouds of Clouds

From Navigators

Latest revision as of 10:06, 2 October 2018

http://www.supercloud-project.eu/

• Research Line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
• Sponsor: EU H2020-ICT-2014-1
• Project Number: 643964
• Coordinator: Technikon Forschungs- und Planungsgesellschaft mbH
• Partners: FCUL; ORANGE; IBM; IMT; TUDA; PHILIPS; MAXDATA
• Start Date: Feb. 2015
• Duration: 36 months
• Team at FCUL: Researchers including Nuno Ferreira Neves, Alysson Bessani, Fernando Ramos, Miguel Garcia, Vinicius Vielmo Cogo, Ricardo Mendes, Max Alaluna, Eric Vial, Luís Ferrolho, Fabio Pereira, Pedro Alves

Summary

Today, despite its unravelling business benefits, distributed cloud computing raises many security and dependability concerns. Root causes include increase in complexity and lack of interoperability between heterogeneous, often proprietary infrastructure technologies. SUPERCLOUD thus proposes new security and dependability infrastructure management paradigms that are : 1) user-centric, for self-service clouds-of-clouds where customers define their own protection requirements and avoid lock-ins; and 2) self-managed, for self-protecting clouds-of-clouds that reduce administration complexity through automation. SUPERCLOUD will reach the following objectives:

• Self-Service Security: Implementation of a cloud architecture that gives users the flexibility to define their own protection requirements and instantiate policies accordingly.
• Self-Managed Security: Development of an autonomic security management framework that operates seamlessly over compute, storage and network layers, and across provider domains to ensure compliance with security policies.
• End-to-End Security: Proposition of trust models and security mechanisms that enable composition of services and trust statements across different administrative provider domains.
• Resilience: Implementation of a resource management framework that composes provider-agnostic resources in a robust manner using primitives from diverse cloud providers.

The SUPERCLOUD methodology will be validated by testbed integration for real-world use cases in the healthcare domain, ranging from deploying a distributed medical imaging platform to running a full laboratory information system. The consortium is industry-led with partners actively involved in promotion of open source cloud technologies and contributing to major standardization bodies in cloud security, inter-cloud architectures, security protocols, and SDN. SUPERCLOUD will leverage its expertise in these domains to promote and ensure market validity of the research findings.

Publications

• Ricardo Mendes, Tiago Oliveira, Vinicius Vielmo Cogo, Nuno Ferreira Neves, Alysson Bessani, “CHARON: A Secure Cloud-of-Clouds System for Storing and Sharing Big Data”, IEEE Transactions on Cloud Computing, vol. 9, no. 4, pp. 1349–1361, Oct. 2021. 10.1109/TCC.2019.2916856

• Vinicius Vielmo Cogo, João Paulo, Alysson Bessani, “GenoDedup: Similarity-Based Deduplication and Delta-Encoding for Genome Sequencing Data”, IEEE Transactions on Computers, vol. 70, no. 5, pp. 669–681, May 2021. DOI: 10.1109/TC.2020.2994774

• Max Alaluna, Eric Vial, Nuno Ferreira Neves, Fernando Ramos, “Secure Multi-Cloud Network Virtualization”, Computer Networks, vol. 161, pp. 45–60, Oct. 2019.

• Vinicius Vielmo Cogo, Alysson Bessani, “Enabling the Efficient, Dependable Cloud-based Storage of Human Genomes”, in 1st Workshop on Distributed and Reliable Storage Systems (DRSS'19), Oct. 2019.

• Joao Paulino, “A Deep Dive Into Embedding Algorithms For Secure Network Virtualization”, Master’s thesis, Mestrado em Segurança Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Jan. 2019.

• Rui Marques, Salvatore Signorello, Fernando Ramos, “Named Data Networking with Programmable Switches”, in 1st P4 European Workhop, Sept. 2018.

• José Soares, “Migration of networks in a multi-cloud environment”, Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Sept. 2018.

• João Sousa, Alysson Bessani, Marko Vukolić, “A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform”, in 48th IEEE/IFIP International Conference on Dependable Systems and Networks, Jun. 2018.

• João Sousa, Alysson Bessani, Marko Vukolić, “A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform (short paper)”, in Proceedings of the 1st Workshop on Scalable and Resilient Infrastructures for Distributed Ledgers, Dec. 2017.

• Pedro Costa, “Dependable MapReduce in a Cloud-of-Clouds”, Ph.D. dissertation, Doutoramento em Informática, Faculdade de Ciências da Universidade de Lisboa, Nov. 2017.

• Diogo Pinto, “Network coding data planes with programmable switches”, Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Oct. 2017.

• João Sousa, Alysson Bessani, Marko Vukolić, “A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform”, arXiv, Tech. Rep. 1709.06921, Sept. 2017.

• Vinicius Vielmo Cogo, Alysson Bessani, Francisco M. Couto, Margarida Gama-Carvalho, Maria Fernandes, Paulo Esteves-Verissimo, “How can photo sharing inspire sharing genomes?”, in Proceedings of the 11th International Conference on Practical Applications of Computational Biology & Bioinformatics (PACBB'17), Porto, Portugal, Jun. 2017.

• Bruno Vavala, Nuno Neves, Peter Steenkiste, “Secure Tera-scale Data Crunching with a Small TCB”, in Proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), Jun. 2017.

• Pedro Costa, Fernando Ramos, Miguel Correia, “Chrysaor: Fine-Grained, Fault-Tolerant Cloud-of-Clouds MapReduce”, in IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), May 2017.

• Max Alaluna, Eric Vial, Nuno Ferreira Neves, Fernando Ramos, “Secure and Dependable Multi-Cloud Network Virtualization”, in 1st International Workshop on Security and Dependability of Multi-Domain Infrastructures (XDOM0), Apr. 2017.

• André Nogueira, António Casimiro, Alysson Bessani, “Elastic State Machine Replication”, IEEE Transactions on Parallel and Distributed Systems, Mar. 2017.

• Pedro Costa, Miguel Correia, Fernando Ramos, “On the Design of Resilient Multicloud MapReduce”, IEEE Cloud Computing, 2017.

• Tiago Oliveira, Ricardo Mendes, Alysson Bessani, “Exploring Key-Value Stores in Multi-Writer Byzantine-Resilient Register Emulations”, in Proceedings of the 20th International Conference On Principles Of DIstributed Systems (OPODIS'16), Dec. 2016.

• M. Lacoste, M. Miettinen, Nuno Ferreira Neves, Fernando Ramos, M. Vukolic, F. Charmet, R. Yaich, K. Oborzynski, G. Vernekar, Paulo Sousa, “User-Centric Security and Dependability in the Clouds-of-Clouds”, IEEE Cloud Computing, vol. 3, no. 5, pp. 64–75, Nov. 2016.

• André Mantas, “Consistent and Fault-Tolerant SDN Controller”, Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Nov. 2016.

• Luís Ferrolho, “Secure and Dependable Virtual Network Embedding”, Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Nov. 2016.

• Fábio Botelho, Túlio Ribeiro, Paulo Ferreira, Fernando Ramos, Alysson Bessani, “Design and Implementation of a Consistent Datastore for a Distributed SDN Control Plane”, in Proceedings of The 12th European Dependable Computing Conference (EDCC), Sept. 2016.

• Joel Alcântara, “Low-cost Cloud-based Disaster Recovery for Transactional Databases”, Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Sept. 2016.

• Max Alaluna, Fernando Ramos, Nuno Ferreira Neves, “(Literally) above the clouds: Virtualizing the network over multiple clouds”, in Proceedings of the IEEE Conference on Network Softwarization (NetSoft), Jun. 2016.

• Bruno Vavala, Nuno Ferreira Neves, Peter Steenkiste, “Secure Identification of Actively Executed Code on a Generic Trusted Component”, in Proceedings of the International Conference on Dependable Systems and Networks (DSN), Jun. 2016.

• Vinicius Vielmo Cogo, Alysson Bessani, “Efficient Storage of Whole Human Genomes”, in Poster in the 11th European Conference on Computer Systems (EuroSys), London, UK, Apr. 2016.

• André Mantas, Fernando Ramos, “Consistent and fault-tolerant SDN with unmodified switches”, in Poster in the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI), Mar. 2016.

• Eduardo Adilio Pelinson Alchieri, Alysson Bessani, Fabíola Greve, Joni da Silva Fraga, “Knowledge Connectivity Requirements for Solving Byzantine Consensus with Unknown Participants”, IEEE Transactions on Dependable and Secure Computing, Mar. 2016. accepted for publication

• João Sousa, Alysson Bessani, “Separating the WHEAT from the Chaff: An Empirical Design for Geo-Replicated State Machines”, in Proceedings of the 34th Symposium on Reliable Distributed Systems (SRDS), Montreal, Canada, Sept. 2015.

• Ricardo Mendes, Tiago Oliveira, Alysson Bessani, “Exclusão Mútua Tolerante a Faltas Bizantinas na Cloud”, in INForum 2015, Sept. 2015.

• João Sousa, Alysson Bessani, “Separating the WHEAT from the Chaff: An Empirical Design for Geo-Replicated State Machines (extended version)”, Faculdade de Ciências, Universidade de Lisboa, Portugal, Tech. Rep. TR-2015-04, Jul. 2015.

• Alysson Bessani, Ricardo Mendes, Tiago Oliveira, “On the Consistency of Heterogeneous Composite Objects”, in Proceedings of the 2nd Workshop on Principles and Practice of Consistency for Distributed Data - co-located with EuroSys, Bordeux, France, Apr. 2015.

BibTeX