Access control

Securely enforcing data access policies is a challenge of paramount importance in existing clouds. In fact, current clouds do not implement any mechanism to ensure the secure deletion of their data and rely on the cloud to enforce data access decisions between different tenants. This latter limitation becomes especially evident, when the cloud is untrusted to perform such unilateral decisions.

There is no global solution for data deletion in the cloud. TREDISEC will provide architectures and mechanisms to guarantee secure data deletion for cloud storage provider. Given such mechanisms, users will have cryptographic guarantees that their data is timely deleted when they ask the provider to do so. Deletion will account for data available to the user, as well as back-up copies kept by the cloud provider for dependability reasons.