From Security in the cloud to security of the cloud. The value proposition of secure elements to protect software execution on a personal computer or on a server is not to be demonstrated. Nowadays, the emergence of cloud computing has led to a growing number of use case scenarios where one has to deal, not with a single computer but rather with a group of connected computers. In this case the challenge is not only to secure the software running on one single machine, but rather to manage and guarantee the security of a group of computers seen as a single entity. The main idea is to evolve from a security in the cloud (with isolated point of enforcement for security, the state of the art) to security of the cloud (with cooperative point of enforcement for security( the innovation proposed by this project) This project value proposition of cooperative points of enforcement of security is proposed under the concept of Network of Secure elements (NoSES). NoSES are made of individual secure elements attached to computers, user or network appliances and possibly pre-provisioned with initial secret keys. They can establish security associations, communicate together to setup a trusted network of computers and propagate security conditions centrally defined to a group of machines. The range of use cases use cases addressed by this concept is very broad; NoSES can be used to lock the execution of software to a group of specific machines, a particular application of this pertaining to tying virtual machines execution to specific servers. NoSEs can also be used to improve the security of distributed computing, not only by making sure that only trusted nodes can take part of the computing game, but also by certifying the integrity of the results returned by each one of them. Secure elements located in user appliances (such as a mobile handset) featuring a user interface can be part of NOSE and help secure server side operations using 2 factor authentication. The project will study the impact of NoSES upon the different layers of the architecture, from hardware to service in order to define how the trust can be propagated from the lower layers to the upper ones. At the lower level, the form factor and physical interfaces of secure elements to the host will be studied as well as, the management of their life cycle. At an upper level, the definition and implementation of security and access control and privacy policies involving the secure elements will be specified, as well as the middleware solutions to interface to the corresponding functional blocks. Finally, an important part of the project will focus on specific use cases including those mentioned above, and where the use of NoSEs can provide interesting solutions. One particular aspect will address privacy and identity management

More on the SEED4C web site.

Within this project (September 2011 – August 2014), Avalon participated in particular to the workpackage on novel programming techniques that aims to perform research and development on auto-tuned runtime environments for future multi-petascale and exascale systems.

Start date: September 2011

Duration: 3 years

More information on PRACE 2IP website.

EDGI develops middleware in order to support European Grid Initiative (EGI) and National Grid Initiative user communities that are heavy users of Distributed Computing Infrastructures (DCIs) and require an extremely large number of CPUs and cores. EDGI goes beyond existing DCIs that are typically cluster Grids and supercomputer Grids, and extends them with public and institutional Desktop Grids (DGs) and Clouds. EDGI integrates software components of ARC, gLite, Unicore, BOINC, XWHEP, 3G Bridge, and Cloud middleware such as OpenNebula and Eucalyptus into SG-DG-Cloud platforms for service provision.

Avalon team’s task is to get instantly available additional resources for DG systems if the application has some QoS requirements that could not be satisfied by the available resources of the DG system.

Start date: 01/06/2010

Duration: 24 months

More information on EDGI website: EDGI