|CIDRE (standing for “Confidentiality, Integrity, Availability, repartition”) is a joint research group between Inria, University Rennes 1, CNRS and CentraleSupélec, focusing on the security of distributed information systems. CIDRE is a research group of the IRISA laboratory, and the continuation of the former SSIR research group.
In the field of security and distributed systems, the CIDRE team focuses mainly on the three following topics:
|For many aspects of our everyday life, we rely heavily on informations systems, many of which are based on massively networked devices that support a population of interacting and cooperating entities. While these information systems become increasingly open and complex, accidental and intentional failures get considerably more frequent and severe.
Two research communities traditionally address the concern of accidental and intentional failures: the distributed computing community and the security community. While both these communities are interested in the construction of systems that are correct and secure, an ideological gap and a lack of communication exist between them that is often explained by the incompatibility of the assumptions each of them traditionally makes. Furthermore, in terms of objectives, the distributed computing community has favored systems availability while the security community has focused on integrity and confidentiality, and more recently on privacy.
By contrast with this traditional conception, we are convinced that by looking at information systems as a combination of possibly revisited basic protocols, each one specified by a set of properties such as synchronization and agreement, security properties should emerge. This vision is shared by others and in particular by Myers et al, whose objectives are to explore new methods for constructing distributed systems that are trustworthy in the aggregate even when some nodes in the system have been compromised by malicious attackers. In accordance with this vision, the first main characteristic of the CIDRE group is to gather researchers from the two aforementioned communities in order to address in a complementary manner both the concerns of accidental and intentional failures.
The second main characteristic of the CIDRE group lies in the scope of the systems it considers. Indeed, during our research, we will consider three complementary levels of study: the Node Level, the Group Level, and the Open Network Level:
The third characteristic of the CIDRE group is to focus on three different aspects of security, i.e., trust, intrusion detection, and privacy, and on the different bridges that exist between these aspects. Indeed, we believe that to study new security solutions for nodes, set of nodes and open network levels, one must take into account that it is now a necessity to interact with devices whose owners are unknown. To reduce the risk to rely on dishonest entities, a trust mechanism is an essential prevention tool that aims at measuring the capacity of a remote node to provide a service compliant with its specification. Such a mechanism should allow to overcome ill-founded suspicions and to be aware of established misbehaviors. To identify such misbehaviors, intrusion detection systems are necessary. Such systems aimed at detecting, by analyzing data flows, whether violations of the security policies have occurred. Finally, Privacy Protection which is now recognized as a basic user right, should be respected despite the presence of tools that continuously observe or even control users actions or behaviors.
|The research master we are involved in.|
|See thematic track: Information and Computing Infrastructure Security
For many aspects of our everyday life, we heavily rely on information systems, many of which are based on massively networked devices that support a population of interacting and cooperating entities. While these information systems become increasingly open and complex, accidental and intentional failures get considerably more frequent and severe.
Attacks against these systems are high level (network intrusion,sensitive data compromission). However these attacks are often carried out at a very low level (exploitation of vulnerabilities, hardware attacks).
The CIDRE team strives to have a global expertise in information systems: from hardware to distributed architectures. They are interested in highlighting security issues and proposing preventive or reactive countermeasures in widely used systems.
Cidre members produce security solutions for malware analysis and attacks on hardware systems, some of which are hosted by the High Security Laboratory (LHS) in Rennes.
- Attack comprehension
- Attack detection
- Attack resistance