Emplois actuels liés à PhD Position F/M Security mechanisms for distributed collaborative systems - VillerslèsNancy, Grand Est - INRIA
-
Security Mechanisms for Distributed Collaborative Systems PhD
il y a 3 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD research project will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Research MissionThe goal of this research is to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security...
-
PhD Position in Distributed Collaborative Systems Security
il y a 2 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinResearcher Position in Collaborative Systems SecurityWe are seeking a highly motivated PhD researcher to join our team at INRIA and work on a project focused on developing a security mechanism for distributed collaborative systems.About the ProjectThe goal of this project is to design and implement a security mechanism that ensures the confidentiality,...
-
PhD Position in Distributed Collaborative Systems Security
il y a 3 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD research project will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Research MissionThe goal of this research is to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security...
-
PhD Position in Distributed Collaborative Systems Security
il y a 3 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD research project will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Research MissionThe goal of this research is to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security...
-
PhD Position in Distributed Collaborative Systems Security
il y a 7 jours
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Advantages of the PositionThis PhD thesis will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Mission and ObjectivesWe aim to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security mechanism must deal with user...
-
PhD Researcher in Collaborative Systems Security
il y a 3 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD research project will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Research MissionThe goal of this research is to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security...
-
PhD Researcher in Collaborative Systems Security
il y a 3 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD research project will take place in the COAST team at INRIA and will be supervised by Claudia-Lavinia Ignat and Olivier Perrin.Research MissionThe goal of this research is to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinINRIA is seeking a talented Security Engineer to contribute to the development of innovative security mechanisms for collaborative distributed applications.This role offers an exciting opportunity to work at the forefront of cybersecurity research, focusing on access control and group key management in the context of decentralized systems.Your...
-
PhD Research Position: Distributed Collaborative File Systems
il y a 4 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinAbout the Role This PhD position within INRIA's COAST team offers a unique opportunity to contribute to the development of innovative, decentralized file systems. Under the guidance of renowned researchers Claudia-Lavinia Ignat and Gérald Oster, you will delve into the exciting world of distributed systems and peer-to-peer technologies. The...
-
PhD Researcher in Distributed File Systems
il y a 2 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinResearcher Position in Distributed File SystemsWe are seeking a highly motivated PhD researcher to join our team at INRIA and contribute to the development of a distributed collaborative file system. The successful candidate will work under the supervision of Claudia-Lavinia Ignat and Gerald Oster to investigate the use of peer-to-peer infrastructures and...
-
PhD Researcher in Distributed File Systems
il y a 2 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and OpportunitiesThis PhD research project will be conducted in the COAST team at INRIA, under the supervision of Claudia-Lavinia Ignat and Gérald Oster. The project aims to design and develop a distributed collaborative file system that enables users to share and collaborate on files while maintaining control over their data.Research...
-
PhD Researcher in Distributed File Systems
il y a 1 semaine
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and OpportunitiesThis PhD research project will be conducted in the COAST team at INRIA, under the supervision of Claudia-Lavinia Ignat and Gérald Oster. The project aims to design and develop a distributed collaborative file system that enables secure and efficient data sharing among users.Research ObjectivesThe main objectives of...
-
PhD Researcher in Distributed File Systems
il y a 7 jours
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Advantages of the PositionThis PhD thesis will take place in the COAST team, under the supervision of Claudia-Lavinia Ignat, HDR, CRCN Inria, Inria center of Lorraine University and Gérald Oster, MCF, Lorraine University.Mission ConfierFile system services are essential for data sharing and collaboration among users. Most...
-
PhD Researcher in Distributed File Systems
il y a 2 jours
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Advantages of the PositionThis PhD thesis will take place in the COAST team, under the supervision of Claudia-Lavinia Ignat, HDR, CRCN Inria, Inria center of Lorraine University and Gérald Oster, MCF, Lorraine University.Mission and ObjectivesThe proposed research aims to investigate the use of peer-to-peer infrastructures, such...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD thesis will take place in the COAST team, under the supervision of Claudia-Lavinia Ignat, HDR, CRCN Inria, Inria center of Lorraine University and Gérald Oster, MCF, Lorraine University.Mission and ObjectivesThe proposed research aims to investigate the use of peer-to-peer infrastructures, such...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionContext and Key Aspects of the PositionThis PhD thesis will take place in the COAST team, under the supervision of Claudia-Lavinia Ignat, HDR, CRCN Inria, Inria center of Lorraine University and Gérald Oster, MCF, Lorraine University.Mission and ObjectivesThe proposed research aims to investigate the use of peer-to-peer infrastructures, such...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionWe are seeking a highly motivated PhD student to join our research team at INRIA, focusing on the topic of trust and legitimacy in collaborative writing. The successful candidate will work under the supervision of Dr. Claudia-Lavinia Ignat and co-supervision of Dr. Léo Joubert.Research ContextCollaborative systems, such as Wikipedia, have...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionWe are seeking a highly motivated PhD student to join our research team at INRIA, focusing on the topic of trust and legitimacy in collaborative writing. The successful candidate will work under the supervision of Dr. Claudia-Lavinia Ignat and co-supervision of Dr. Léo Joubert.Research ContextCollaborative systems, such as Wikipedia, have...
-
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinAbout the ProjectIn this PhD position, you will investigate the concept of trust and legitimacy in collaborative writing on Wikipedia. The project aims to develop a computational trust model that can evaluate the trustworthiness of users based on their past interactions and contributions.Research ObjectivesStudy existing trust metrics in collaborative...
-
PhD Position in Trust and Legitimacy in Collaborative Writing
il y a 2 semaines
Villers-lès-Nancy, Grand Est, France INRIA Temps pleinJob DescriptionWe are seeking a highly motivated PhD researcher to join our team at INRIA to work on a project focused on trust and legitimacy in collaborative writing in Wikipedia.Project OverviewThe project aims to study the problem of trust evaluation and design a computational trust model dedicated to collaborative systems. We are particularly interested...
PhD Position F/M Security mechanisms for distributed collaborative systems
Il y a 3 mois
Contexte et atouts du poste
This PhD thesis will take place in team COAST and will be supervised by Claudia-Lavinia Ignat, HDR, CRCN Inria, Inria center of Lorraine University and Olivier Perrin, Professor, Lorraine University.
Mission confiée
We want to propose a security mechanism adapted for distributed collaborative systems without a central authority. The security mechanism has to deal with user access rights to the shared documents as well as with end-to-end encryption of data with key management suitable for dynamic user groups. The mechanism has to be easy to use and will be tested with users.
Existing access control mechanisms mainly based on a central authority feature several difficulties in the context of collaborative systems. In the case of a federation of organizations, agreeing on an authority that manages access rights is almost impossible. Lack of a central authority raises issues of group management such as joining and leaving the group as well as rights revocation. Indeed, it should be possible for a partner to revoke granted rights without contacting an external authority. Moreover, current access control mechanisms feature performance issues that are critical for real-time collaboration where the number of updates is high. Indeed, delays are too high for sending at each user action an access request and waiting for its answer from a trusted central authority which maintains the security policies.
In order to provide high data availability in collaborative systems, data is typically replicated and users are allowed to concurrently modify replicated data. In order to avoid the use of a central server that stores access rights, we propose that in addition to the replication of data, access rights are also replicated. CRDTs (Commutative Replicated Data Types) [1, 2] were proposed as suitable replicated data structures where parallel modifications are conflict free by construction. We want to propose CRDTs for managing replicated data and replicated access control .
In the face of concurrent edits on the access rights and the document, conflicts are likely to occur. For instance, users might execute operations on the document while their rights of executing these operations are concurrently revoked. An important feature of collaborative applications is to allow multiple dynamic administrators that can modify users access rights (e.g. read or write) to the shared documents. Existing solutions that replicate access rights rely either on a single administrator per document [3, 4] or on centralised coordination mechanisms to avoid conflicts introduced by multiple administrators [5]. Considering multiple administrators generates more conflictual cases to deal with than in the case of a single administrator [6,7]. For instance, an administrator might assign an access right to a user, while concurrently this administrator right is removed. We want to propose a replicated access control mechanism that manages a collaborative document with multiple, dynamic administrators. Besides maintaining consistency over the replicated document state and access rights, the proposed CRDT solution should preserve document integrity and prevent unauthorized modifications. An a posteriori enforcement should be provided in order to correct the document state by compensating the effect of unauthorized modifications.
Group key generation and revocation can be done in concurrency with modifications on the shared document and its access rights. The challenge is to compose CRDTs for access rights and data synchronisation with group key management operations .
As mentioned above, end-to-end encryption is very important for ensuring the security of mutable data in the collaboration. Large collaborative service providers such as Dropbox, iCloud and GoogleDrive adopted encryption solutions in order to store only the encrypted version of shared documents. However, for facilitating the usage of their services, encryption keys are stored by the service providers which gives them the possibility of accessing the non encrypted data and being subject to different attacks. We plan to investigate suitable end-to-end encryption techniques for collaboration over mutable data where messages sent between participants are end-to-end encrypted and servers do not need to access non encrypted data. Synchronization algorithms based on CRDT are suitable for end-to-end encryption in a peer-to-peer environment where data will be decrypted only at the receiver side and conflicts can be resolved locally.
The access control mechanism proposed in this thesis will be implemented on a peer-to-peer collaborative real-time editor such as MUTE (). Its feasibility will be tested for Matrix ( Bibliography:
[1] Gérald Oster, Pascal Urso, Pascal Molli, and Abdessamad Imine. "Data Consistency for P2P Collaborative Editing". In: Proceedings of the ACM Conference on Computer-Supported Cooperative Work - CSCW 2006. Banff, AB, Canada, 2006, pp. 259–267. isbn: doi: /
[2] Marc Shapiro, Nuno M. Preguiça, Carlos Baquero, and Marek Zawirski. "Conflict-Free Replicated Data Types". In: 13th International Symposium on Stabilization, Safety, and Security of Distributed Systems, SSS 2011. Oct. 2011, pp. 386–400. doi: / _29.
[3] Ted Wobber, Thomas L. Rodeheffer, and Douglas B. Terry. "Policy-Based Access Control for Weakly Consistent Replication". In: Proceedings of the 5th European Conference on Computer Systems. EuroSys '10. Association for Computing Machinery, Apr. 2010, pp. 293–306. isbn: doi: / Visited on 04/01/2021).
[4] Asma Cherif, Abdessamad Imine, and Michaël Rusinowitch. "Practical Access Control Management for Distributed Collaborative Editors". Pervasive and Mobile Computing. Special Issue on Information Management in Mobile Applications 15 (Dec. 2014), pp. 62–86. issn: doi:
[5] Mathias Weber, Annette Bieniusa, and Arnd Poetzsch-Heffter. "Access Control for Weakly Consistent Replicated Information Systems". In: Proceedings of International Workshop on Security and Trust Management. STM 2016. Springer International Publishing, Sept. 2016, pp. 82–97. isbn: doi: / _6.
[6] Pierre-Antoine Rault, Claudia-Lavinia Ignat, and Olivier Perrin. "Distributed Access Control for Collaborative Applications using CRDTs". In: Proceedings of 9th Workshop on Principles and Practice of Consistency for Distributed Data. Rennes, France, Apr doi: / hal: hal
[7] Pierre-Antoine Rault, Claudia-Lavinia Ignat, and Olivier Perrin. "Access control based on CRDTs for Collaborative Dis- tributed Applications". In: The International Symposium on Intelligent and Trustworthy Computing, Communications, and Networking (ITCCN-2023), Proceedings of the 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom Exeter, UK, Nov hal: hal
[8] Florian Jacob, Luca Becker, Jan Grashöfer, Hannes Hartenstein. Matrix Decomposition: Analysis of an Access Control Approach on Transaction-based DAGs without Finality. SACMAT 2020: doi:10.1145/
Principales activités
Study of existing access control mechanisms for collaborative systems Elicitation of requirements for the envisaged security mechanism through case studies Proposal of a group key management that satisfies the requirements Study of CRDTs Proposal of a composed CRDT that combines a CRDT for shared data with a CRDT for access rights with and that considers group key management operations Implementation of the proposed security mechanism in MUTE User studies on the proposed security mechanismCompétences
Engineering and/or Master 2 degree in Computer science / Applied mathematics with an experience in computer networks. Theoretical expertise: distributed systems, P2P networks, security Good collaborative and networking skills, excellent written and oral communication in English Good programming skills Strong analytical skillsAvantages
Subsidized meals Partial reimbursement of public transport costs Leave: 7 weeks of annual leave + 10 extra days off due to RTT (statutory reduction in working hours) + possibility of exceptional leave (sick children, moving home, etc.) Possibility of teleworking (after 6 months of employment) and flexible organization of working hours Professional equipment available (videoconferencing, loan of computer equipment, etc.) Social, cultural and sports events and activities Access to vocational training Social security coverageRémunération
2100€ gross/month the 1st year
