权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

My Private Cloud

我的私有云

基本信息

批准号：
EP/I034181/1
负责人：
David Chadwick
金额：
$ 7.37万
依托单位：
University of Kent
依托单位国家：
英国
项目类别：
Research Grant
财政年份：
2011
资助国家：
英国
起止时间：
2011 至无数据
项目状态：
已结题

来源：
https://gtr.ukri.org/projects?ref=EP%2FI034181%2F1
关键词：
My Private Cloud

项目摘要

This research is designed to increase - a) the trust that users may have in cloud providers, as well as - b) the control that users will have over their data when it is stored in the cloud. It aims to do this in a number of ways. Firstly existing cloud users can provide their feedback about their existing cloud service providers to a cloud reputation service. This will compute the reputations of the various cloud providers, so that new potential cloud users can query it in order to determine which cloud providers are the most reputable. Then, when a user has chosen a cloud provider that (s)he believes to be trustworthy, the user can set their own fine grained privacy policy on the data that they submit to the cloud. This policy will be stuck to their data so that it is always enforced by the cloud infrastructure. In this way the user has full control over all accesses to and processing of their (possibly very sensitive) data. If their data is moved between cloud providers, then the sticky policy will move with the data, thereby ensuring continuing control by their policy. The privacy protecting infrastructure has built in audit support to allow the cloud provider to send the user summary audit information which will detail who has accessed the user's data, at what time and for what purposes. This provides users with visibility into the cloud, and reassures them that their data is safe. Users may alter their privacy policy at any time, should they decide it is too strict or too lax. Finally, users will be able to delegate access to their data to other users or processes, in order to provide the flexibility that is sometimes needed in workflows and other data access scenarios.The fine grained privacy policies and protocols that are supported by the infrastructure allow requestors to collect their various attributes and roles from multiple issuing authorities (a process termed attribute aggregation), even when they are known by different identities at the different authorities. This mirrors the reality of today's plastic card credentials and allows a new generation of virtual cards to be created. The cloud provider is cryptographically assured that all these different attributes and roles do indeed belong to the same requestor, without the requestor being required to reveal his real name.The fine grained policies also support emergency over-rides, so called Break-The-Glass policies. These allow responsible requestors, who are initially denied access to the data in the cloud, to break the glass and be granted emergency access, in the full knowledge that they will be held accountable and have to answer to their line management at a later time. This is achieved by having an obligation service that can perform pre-defined actions when an authorization decision is made. In the case of break the glass, these obligations might be to email the requestor's line manager, and record the incident in a secure audit trail. One example of Break the glass use is in medical applications, e.g. it allows accident and emergency staff to access a patient's medical records that they otherwise would not be allowed to see.

这项研究旨在增加- a）用户可能对云提供商的信任，以及- B）当数据存储在云中时，用户对其数据的控制。它旨在通过多种方式做到这一点。首先，现有的云用户可以向云信誉服务提供关于其现有云服务提供商的反馈。这将计算各种云提供商的信誉，以便新的潜在云用户可以查询它，以确定哪些云提供商是最有信誉的。然后，当用户选择了他认为值得信赖的云提供商时，用户可以对他们提交给云的数据设置自己的细粒度隐私策略。此策略将被绑定到他们的数据，以便始终由云基础设施强制执行。通过这种方式，用户可以完全控制对其（可能非常敏感的）数据的所有访问和处理。如果他们的数据在云提供商之间移动，那么粘性策略将随着数据移动，从而确保他们的策略继续控制。隐私保护基础设施内置了审计支持，允许云提供商向用户发送摘要审计信息，该信息将详细说明谁访问了用户的数据，在什么时间以及出于什么目的。这为用户提供了对云的可见性，并向他们保证他们的数据是安全的。用户可以随时修改他们的隐私政策，如果他们认为它太严格或太宽松。最后，用户将能够将其数据的访问权限委托给其他用户或进程，以便提供工作流和其他数据访问场景中有时需要的灵活性。基础设施支持的细粒度隐私策略和协议允许请求者从多个发布机构收集其各种属性和角色（一个称为属性聚合的过程），即使它们在不同的机构被不同的身份所知。这反映了当今塑料卡凭证的现实，并允许创建新一代虚拟卡。云提供商可以通过加密确保所有这些不同的属性和角色确实属于同一个请求者，而不需要请求者透露他的真实的姓名。细粒度策略还支持紧急覆盖，即所谓的打破玻璃策略。这使得最初被拒绝访问云中数据的负责任的请求者能够打破玻璃并获得紧急访问权限，同时充分了解他们将被追究责任，并必须在稍后的时间向他们的直线管理层作出答复。这是通过在做出授权决策时执行预定义操作的义务服务来实现的。在打破玻璃的情况下，这些义务可能是向请求者的直线经理发送电子邮件，并将事件记录在安全的审计跟踪中。打破玻璃的一个例子是在医疗应用中，例如，它允许事故和急救人员访问他们否则不被允许看到的病人的医疗记录。