We are looking for a good PhD student to work on one of the three topics described below in the SMIS team (also on http://www-smis.inria.fr/).
The deadline is May 15, 2008.
Best regards
Luc Bouganim
Team : SMIS (Secured and Mobile Information Systems)
Title : Embedded Database Systems
Context :
Ubiquitous and pervasive computing introduces the need for embedding and managing data in ever lighter and specialized computing devices (personal digital assistants, cellular phones, sensors and chips for the ambient intelligence, transportation, healthcare, etc). In this context, the first objective of the SMIS project is the definition of core database technologies tackling the hardware constraints of highly specialized computing devices. Alongside, by making the information more accessible and by multiplying the transparent ways of its acquisition, ubiquitous and pervasive computing induce new threats on data confidentiality. More generally, preserving the confidentiality of personal data spread among a large variety of sources (mobiles, smart objects as well as corporate, commercial and public databases) has become a major challenge for the database community. Thus, the second objective pursued by the SMIS project is the definition of access control models preserving data confidentiality and privacy and the definition of tamper-resistant database architectures enforcing this control. These two objectives are detailed below.
Ubiquitous/pervasive data management: Important research efforts have to be undertaken to capture the impact of each device's hardware constraints on database techniques and to set up co-design rules helping calibrating the hardware resources of future devices in order to match specific application's requirements. This research direction is interested in storage models, indexing structures and query execution techniques matching strong hardware constraints in terms of RAM, energy and communication bandwidth consumption. Electronic stable storage technologies (EEPROM, Flash, MEMS, etc) have also a considerable impact on the organization of the data at rest. Problems related to the interaction of ultra-light devices with a larger information system deserve also a particular attention (e.g., querying data disseminated among a large population of ultra-light devices, defining and managing ambient databases, exploiting external computing and storage resources).
Data confidentiality and privacy: The increasing amount of sensitive data gathered in databases, and in particular of personal data, imposes the definition of fine-grain access control models. While access control in client-server relational databases is roughly mature, new issues appear today: fine-grain access control over hierarchical and semi-structured data (e.g., XML), integration of privacy concerns in the access control policies (e.g., user's consent, usage control), access control administration over multiple distributed, heterogeneous and autonomous resources. A complementary issue we are interested in is the security (i.e., tamper-resistance) of the access control itself. Cryptographic techniques can be exploited to this end. While encryption has been used successfully for years to secure communications, database encryption introduces difficult theoretical and practical problems: how to efficiently execute queries over encrypted data, how to reconcile declarative (i.e., predicate based) and dynamic access rights with encryption, how to distribute encryption keys between users sharing part of the database? We aim at providing accurate answers to these questions thanks to security models based on tamper-resistant hardware to query, update and share encrypted databases.
The complementarity of these two research issues is twofold. First, ubiquitous/pervasive data management generates specific confidentiality problems that must be tackled accurately. Hence, this first area of research is expected to feed the second one with relevant motivating examples. Second, data management techniques embedded in secured devices (e.g., smart cards, secured tokens) can be the foundation for new security models. For example, remote databases can be made secure by delegating part of the data management to a secured device. Thus, a strong cross-fertilization can be expected between these two research areas.
Beyond the scientific objectives detailed above, our ambition is to develop high quality prototypes that will serve two purposes: (1) validate our results on real hardware/software platforms and (2) integrate our results on real applications where data confidentiality is a primary concern (e.g., Electronic Health Record systems).
PhD Topics:
The PhD candidate can choose one of the following PhD topics:
1) FLASH-based embedded DBMS: We are investigating the impact of different stable storage technologies on traditional database techniques. A study on FLASH-based DBMS has been initiated. The compactness of FLASH memory makes it an effective alternative for lightweight devices. Typically, we consider a new hardware portable device, called SPT (Secure Portable Token), associating the security of a smart card to the storage capacity of a USB key (several GB in a short term). Embedding database in such devices is very challenging given the considerable increase in the volume of data to process and the particular characteristics of NAND FLASH (read/write access time ratio, sequential writes, coarse grain erasure).
2) Tamper-resistant embedded databases: SPT combines on the same hardware platform a highly secured microprocessor with an insecure FLASH mass storage memory. Hence, there is a strong need for preventing information disclosures and protecting the data integrity in FLASH thanks to cryptographic techniques (e.g., encryption, secure hash functions, etc.). The challenge is combining these cryptographic techniques with query execution techniques while satisfying three conflicting objectives: efficiency, high security and compliance with the chip hardware resources.
3) Distributed queries over embedded DB: So far, the SMIS project has mainly contributed to the field of data management principles for databases embedded on chips. However, distributed queries over a large collection of embedded databases open up very exciting research perspectives. For example, secured portable folders (e.g., medical folders) constitute an alternative to a centralized management of these same folders in a high-end server (even if both solutions should not be considered orthogonal). There seem to be clear similarities between this issue and the large body of work already performed in distributed databases, mobile databases, sensor networks, peer-to-peer systems and even data grids. However, distributed queries over a large collection of embedded databases exhibit a specific combination of hypotheses: small, homogeneous but fairly complex databases, seldom connected, strongly autonomous, scarce local computing resources and potentially complex global queries. Hence, new solutions have to be devised to tackle this specific problem.
Skills: Knowledge on core database technology.
Contact: http://www-smis.inria.fr
Luc Bouganim
Vice-Head of the SMIS Project
INRIA Rocquencourt, 78153 Le Chesnay
Luc.Bouganim@inria.fr
Tel: 01.39.63.56.32