Usage Control in the Mobile Cloud

About Usage Control in the Mobile Cloud

• Contact person: has supervisor::Paola Grosso
• Contact person: has supervisor::Fatih Turkmen
• This project has not yet been fulfilled.
• This project fits in the following Bachelor programs: {{#arraymap:|, |xXx|bachelorproject within::xXx|,}}
• This project fits in the following masterareas: {{#arraymap:Computer Systems and Security, High Performance Distributed Computing, Internet and Web Technology, Parallel and Distributed Computer Systems|, |xXx|project within::xXx|,}}

Description

Mobile clouds [1] aim to integrate mobile computing and sensing with rich computational resources offered by cloud back-ends. They are particularly useful in services such as transportation, healthcare and so on when used to collect, process and present data from physical world. In this thesis, we will focus on the usage control, in particular privacy, of the collected data pertinent to mobile clouds. Usage control[2] differs from traditional access control by not only enforcing security requirements on the release of data by also on what happens afterwards. The thesis will involve the following steps: - Propose an architecture over cloud for "usage control as a service" (extension of authorization as a service) for the enforcement of usage control policies - Implement the architecture (compatible with Openstack[3] and Android) and evaluate its performance.

References [1] https://en.wikipedia.org/wiki/Mobile_cloud_computing [2] Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) [3] https://en.wikipedia.org/wiki/OpenStack [4] Slim Trabelsi, Jakub Sendor: "Sticky policies for data control in the cloud" PST 2012: 75-80