[foaf-dev] PhD position at the French LIFO Lab: "Access Control for Cloud computing"

Apologies for multiple copies.
---------------------------------------------------
The French 'LIFO' Laboratory seeks a versatile, highly motivated PhD candidate to work on Cloud Computing
Security. 
LIFO (Laboratoire d'Informatique Fondamentale d'Orléans) - France
---------------------------------------------------
PhD thesis subject: Access Control for Cloud computing

1. Subject description
The security of Cloud Computing is becoming highly critical for computer information systems. Many
concrete examples have shown that public cloud architectures, such as Google, Twitter[a] or Amazon[b],
didn’t provide enough security for their customers. Many problems occur: data corruption, data loss,
information leakage [3], as well as problems of quality of service, and chain of responsibility.
The work to be done in this PhD thesis vill aim at securing cloud architectures, while letting the actors
involved in the cloud services and usages, the ability to express themselves their security needs. To do
that, they will use fine-grained and powerful security policies. The enforcement of those policies
using a multi-level access control (AC) mechanism will be the keystone of this work. The AC engine will
deal with SaaS (Software as a Service) policies, PaaS (Platform aaS) policies or IaaS (Infrastructure
aaS) policies. The AC mechanism will transform policies from the SaaS level into PaaS or IaaS policies.
Those policies will take into account:
- the security properties defined by the administrators; 
- the roles of the users, the roles of the services/applications, the roles of the virtual machines images
and their resources; 
- the interconnection of the clouds; 
- the localization of the data and the services and 
- legal aspects (medical or institutional data); 
- the Service Level Agreement (SLA).
The AC enforcement will be done at any level (SaaS, PaaS, IaaS). The AC mechanism of each level
(application, middleware, operating system, hypervisor) will cooperate with the others to provide a
sufficient and homogeneous security guarantee at the global level. Particular attention will be paid to