on ne donne ici que les paires de mécanismes incompatibles (aux niveaux système et réseau) et dépendants. Les paires non-spécifiées sont considérées compatibles et indépendantes. Les mécanismes incompatibles au niveau système FileWEB 11 o /etc/httpd/logs LogWEB 12, p.13 ,
lignes 1 à 10) contient le résultat de l'accès à la VM apache-see-1 (VM Apache du premier triplet) par l'utilisateur user depuis la VM client-1 (VM Client du premier triplet) Cet accès est autorisé par la politique et STATE, pp.22-80 ,
Computer security threat monitoring and surveillance . Rapport technique, 1980. ,
Web services agreement specification (ws-agreement) In Open Grid Forum, p.216, 2007. ,
A view of cloud computing, Communications of the ACM, vol.53, issue.4, pp.50-58, 2010. ,
DOI : 10.1145/1721654.1721672
A-PPL: An Accountability Policy Language, Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance, pp.319-326, 2015. ,
DOI : 10.1007/978-3-319-17016-9_21
Trusted platform module (tpm) based security on notebook pcs-white paper. Mobile Platforms Group Intel Corporation, pp.1-20, 2002. ,
Autonomic personal computing, IBM Systems Journal, vol.42, issue.1, pp.165-176, 2003. ,
DOI : 10.1147/sj.421.0165
Xen and the art of virtualization, ACM SIGOPS Operating Systems Review, vol.37, issue.5, pp.164-177, 2003. ,
DOI : 10.1145/1165389.945462
Collaborative remediation of configuration vulnerabilities in autonomic networks and systems, Proceedings of the 8th International Conference on Network and Service Management International Federation for Information Processing, pp.357-363, 2012. ,
Towards the assessment of distributed vulnerabilities in autonomic networks and systems, 2012 IEEE Network Operations and Management Symposium, pp.335-342, 2012. ,
DOI : 10.1109/NOMS.2012.6211916
The Public Cloud Market Is Now In Hypergrowth -Sizing The Public Cloud Market, 2014. ,
Paranoid penguin : an introduction to novell apparmor Secure computer systems : Mathematical foundations, Linux Journal, issue.148, 1973. ,
Qemu, a fast and portable dynamic translator, USENIX Annual Technical Conference, FREENIX Track, pp.41-46, 2005. ,
Security SLAs for Federated Cloud Services, 2011 Sixth International Conference on Availability, Reliability and Security, pp.202-209, 2011. ,
DOI : 10.1109/ARES.2011.34
Integrity considerations for secure computer systems, 1977. ,
ABLE: A toolkit for building multiagent autonomic systems, IBM Systems Journal, vol.41, issue.3, pp.41350-371, 2002. ,
DOI : 10.1147/sj.413.0350
An autonomic cloud management system for enforcing security and assurance properties An advanced security-aware cloud architecture, Proceedings of the 2015 Workshop on Changing Landscapes in HPC Security High Performance Computing & Simulation (HPCS), 2014 International Conference on, pp.1-8, 2014. ,
A practical alternative to hierarchical integrity policies, NIST SPECIAL PUBLICATION SP, p.10, 1989. ,
From Autonomic to Self-Self Behaviors, Utility and Cloud Computing (UCC) IEEE/ACM 8th International Conference on, p.28, 2011. ,
DOI : 10.1145/2019591.2019597
URL : https://hal.archives-ouvertes.fr/hal-00949563
Mandatory access control for the android dalvik virtual machine ESOS : Workshop on Embedded Self-Organizing Systems An autonomous cloud management system for in-depth security OSSEC host-based intrusion detection guide, 2013-USENIX Federated Conferences Cloud Networking (CloudNet), 2014 IEEE 3rd International Conference on, pp.368-374, 2008. ,
Formalization and guaranty of system security properties : application to the detection of intrusions, 2007. ,
URL : https://hal.archives-ouvertes.fr/tel-00261613
Electronic authentication guideline : Recommendations of the national institute of standards and technology, pp.800-63, 2013. ,
Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Services as Computing Utilities, 2008 10th IEEE International Conference on High Performance Computing and Communications, pp.5-13, 2008. ,
DOI : 10.1109/HPCC.2008.172
The architecture of vmware esxi, VMware White Paper, vol.1, p.7, 2008. ,
Self-protection for distributed component-based applications Apache cloudstack : Open source cloud computing, Stabilization, Safety, and Security of Distributed Systems, pp.184-198, 2006. ,
Google Apps : The Missing Manual : The Missing Manual, 2008. ,
Merkat: A Market-Based SLO-Driven Cloud Platform, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, pp.403-410, 2013. ,
DOI : 10.1109/CloudCom.2013.59
URL : https://hal.archives-ouvertes.fr/hal-00862509
A language for specifying security and management policies for distributed systems, 2000. ,
Department of Computing ,
Self-managing systems : A control theory foundation, Engineering of Computer-Based Systems, 2005. ECBS'05. 12th IEEE International Conference and Workshops on the, pp.441-448, 2005. ,
An agent based business aware incident detection system for cloud environments, Journal of Cloud Computing: Advances, Systems and Applications, vol.1, issue.1, pp.1-19, 2012. ,
DOI : 10.1007/s11623-011-0059-1
OpenVPN : Building and integrating virtual private networks, 2006. ,
Multi-agent systems : an introduction to distributed artificial intelligence, 1999. ,
Role-based access control, 15th NIST-NCSC National Computer Security Conference, 1992. ,
Cloud Foundry, 2015. ,
Architecture of virtual machines, Proceedings of the workshop on virtual computer systems, pp.74-112, 1973. ,
Intel trusted execution technology, 2012. ,
Virtualization with kvm, Linux Journal, issue.166, p.8, 2008. ,
Task oriented management obviates your onus on linux, Linux Conference, 2004. ,
Protection in operating systems, Communications of the ACM, vol.19, issue.8, pp.461-471, 1976. ,
DOI : 10.1145/360303.360333
Cloudaudit 1.0 -Automated Audit, Assertion, Assessment, and Assurance API (A6) Internet Engineering Task Force, 2010. ,
Autonomic computing : Ibm\'s perspective on the state of information technology, 2001. ,
Guide to attribute based access control (abac) definition and considerations, NIST Special Publication, vol.800, p.162, 2014. ,
DOI : 10.6028/NIST.SP.800-162
Conformance Checking of Access Control Policies Specified in XACML, 31st Annual International Computer Software and Applications Conference, Vol. 2, (COMPSAC 2007), pp.275-280, 2007. ,
DOI : 10.1109/COMPSAC.2007.96
A survey of autonomic computing???degrees, models, and applications, ACM Computing Surveys, vol.40, issue.3, p.407, 2008. ,
DOI : 10.1145/1380584.1380585
ISO27002 : Information technology ? Security techniques ? Code of practice for information security controls, 2013. ,
On agent-based software engineering, Artificial Intelligence, vol.117, issue.2, pp.277-296, 2000. ,
DOI : 10.1016/S0004-3702(99)00107-1
Organization based access control, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, pp.120-131, 2003. ,
DOI : 10.1109/POLICY.2003.1206966
URL : https://hal.archives-ouvertes.fr/hal-01483818
Jails : Confining the omnipotent root, Proceedings of the 2nd International SANE Conference, p.116, 2000. ,
Reducibility among combinatorial problems, 1972. ,
DOI : 10.1007/978-3-540-68279-0_8
SLA★: An abstract syntax for Service Level Agreements, 2010 11th IEEE/ACM International Conference on Grid Computing, pp.217-224, 2010. ,
DOI : 10.1109/GRID.2010.5697973
The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003. ,
DOI : 10.1109/MC.2003.1160055
The MEERKATS Cloud Security Architecture, 2012 32nd International Conference on Distributed Computing Systems Workshops, pp.446-450, 2012. ,
DOI : 10.1109/ICDCSW.2012.42
kvm : the linux virtual machine monitor, Proceedings of the Linux Symposium, pp.225-230, 2007. ,
Virtualization in linux, 2006. ,
Google Compute Engine, Building Your Next Big Thing with Google Cloud Platform, pp.53-81, 2015. ,
DOI : 10.1007/978-1-4842-1004-8_4
Towards a fault-tolerant multi-agent system architecture, Proceedings of the fourth international conference on Autonomous agents , AGENTS '00, pp.459-466, 2000. ,
DOI : 10.1145/336595.337570
Protection, Proc. 5th Princeton Conf. on Information Sciences and Systems, pp.18-24, 1971. ,
DOI : 10.1145/775265.775268
Dynamic protection structures, Proceedings of the November 18-20, 1969, fall joint computer conference on, AFIPS '69 (Fall), pp.27-38, 1969. ,
DOI : 10.1145/1478559.1478563
A note on the confinement problem, Communications of the ACM, vol.16, issue.10, pp.613-615, 1973. ,
DOI : 10.1145/362375.362389
Security-Aware Models for Clouds, ACM Symposium on High-Performance Parallel and Distributed Computing, 2013. ,
URL : https://hal.archives-ouvertes.fr/hal-00840734
Security for cloud environment through information flow properties formalization with a first-order temporal logic, 2013. ,
URL : https://hal.archives-ouvertes.fr/hal-00916882
The inevitability of failure : The flawed assumption of security in modern computing environments, Proceedings of the 21st National Information Systems Security Conference, pp.303-314, 1998. ,
Web service level agreement (wsla) language specification. IBM Corporation, pp.815-824, 2003. ,
The nist definition of cloud com- puting, 2011. ,
Docker : lightweight linux containers for consistent development and deployment, Linux Journal, issue.2392, p.2014, 2014. ,
Microsoft azure. https://azure.microsoft. com/. [Miner et Athey FCGlob : A New SELinux File Context Syntax, Proceedings of the Third Annual Security Enhanced Linux Sympo- sium, 2007. ,
The State of SELinux, 2015. ,
IaaS Cloud Architecture: From Virtualized Datacenters to Federated Cloud Infrastructures, Computer, vol.45, issue.12, pp.65-72, 2012. ,
DOI : 10.1109/MC.2012.76
svirt : Hardening linux virtualization with mandatory access control, Linux. conf. au Conference, 2009. ,
Extensible access control markup language (xacml) version 2.0. Oasis Standard, 2005. ,
Microsoft Office 365 : Connect and collaborate virtually anywhere, anytime, 2011. ,
Kerberos : An authentication service for computer networks, Communications Magazine, issue.9, pp.3233-3271, 1994. ,
The Eucalyptus Open-Source Cloud-Computing System, 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid, pp.124-131, 2009. ,
DOI : 10.1109/CCGRID.2009.93
OpenStack Juno. https://www.openstack. org/software A new algorithm for the maximum-weight clique problem, Nordic Journal of Computing, vol.8, issue.4, pp.424-436, 2001. ,
Accountability for cloud and other future Internet services, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings, pp.629-632, 2012. ,
DOI : 10.1109/CloudCom.2012.6427512
URL : https://hal.archives-ouvertes.fr/hal-00778369
Deploying openstack, 2011. ,
vtpm : virtualizing the trusted platform module, Proc. 15th Conf. on USENIX Security Symposium, pp.305-320, 2006. ,
Formal requirements for virtualizable third generation architectures, Communications of the ACM, vol.17, issue.7, pp.412-421, 1974. ,
DOI : 10.1145/361011.361073
Implementing largescale autonomic server monitoring using process query systems, Autonomic Computing , 2005. ICAC 2005. Proceedings. Second International Conference on, pp.123-133, 2005. ,
DOI : 10.1109/icac.2005.34
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.98.2677
Linux netfilter hacking howto Dispon?vel em http ://www. netfilter. org/documentation, 2002. ,
Virtualization: A Survey on Concepts, Taxonomy and Associated Security Issues, 2010 Second International Conference on Computer and Network Technology, pp.222-226, 2010. ,
DOI : 10.1109/ICCNT.2010.49
Unified login with pluggable authentication modules (PAM), Proceedings of the 3rd ACM conference on Computer and communications security , CCS '96, pp.1-10, 1996. ,
DOI : 10.1145/238168.238177
The NIST model for role-based access control, Proceedings of the fifth ACM workshop on Role-based access control , RBAC '00, 2000. ,
DOI : 10.1145/344287.344301
The schematic protection model: its definition and analysis for acyclic attenuating schemes, Journal of the ACM, vol.35, issue.2, pp.404-432, 1988. ,
DOI : 10.1145/42282.42286
The typed access matrix model, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp.122-136, 1992. ,
DOI : 10.1109/RISP.1992.213266
Role-based access control models, Computer, vol.29, issue.2, pp.38-47, 1996. ,
DOI : 10.1109/2.485845
Exploiting architectural design knowledge to support self-repairing systems, Proceedings of the 14th international conference on Software engineering and knowledge engineering , SEKE '02, pp.241-248, 2002. ,
DOI : 10.1145/568760.568804
Implementing selinux as a linux security module, NAI Labs Report, vol.1, issue.43, p.139, 2001. ,
Virtual machines : versatile platforms for systems and processes, 2005. ,
The architecture of virtual machines, Computer, vol.38, issue.5, pp.32-38, 2005. ,
DOI : 10.1109/MC.2005.173
The dynamictyped access matrix model and decidability of the safety problem, IEICE transactions on fundamentals of electronics, communications and computer sciences, vol.87, issue.1, pp.190-203, 2004. ,
The flask security architecture : System support for diverse policies, Proceedings of the Eighth USENIX Security Symposium, 1999. ,
Detection, prevention, and containment : A study of grsecurity, Libre Software Meeting, 2002. ,
Incits 359-2004, ANSI INCITS, pp.359-2004, 2004. ,
PACT: Personal Autonomic Computing Tools, 12th IEEE International Conference and Workshops on the Engineering of Computer-Based Systems (ECBS'05), pp.519-527, 2005. ,
DOI : 10.1109/ECBS.2005.54
URL : http://uir.ulster.ac.uk/8199/1/2005-04-ECBS-PACT_personal_autonomic_computing_tools.pdf
Underlying technical models for information technology security : recommendation of the National Institute of Standards and Technology, 2001. ,
DOI : 10.6028/NIST.SP.800-33
Focale : A novel autonomic networking architecture, 2006. ,
The Design of a New Context-Aware Policy Model for Autonomic Networking, 2008 International Conference on Autonomic Computing, pp.119-128, 2008. ,
DOI : 10.1109/ICAC.2008.36
The Tree-to-Tree Correction Problem, Journal of the ACM, vol.26, issue.3, pp.422-433, 1979. ,
DOI : 10.1145/322139.322143
Trusted computer system evaluation criteria. DoD 5200, p.28, 1985. ,
Introduction to the TPM, Smart Cards, Tokens, Security and Applications, pp.155-172, 2008. ,
DOI : 10.1007/978-0-387-72198-9_7
Ponder2 : A policy system for autonomous pervasive environments, Autonomic and Autonomous Systems ICAS'09. Fifth International Conference on, pp.330-335, 2009. ,
A break in the clouds, ACM SIGCOMM Computer Communication Review, vol.39, issue.1, pp.50-55, 2008. ,
DOI : 10.1145/1496091.1496100
Microsoft virtualization with Hyper- V, 2009. ,
Security Enhanced Java: Mandatory Access Control for the Java Virtual Machine, 16th IEEE International Symposium on Object/component/service-oriented Real-time distributed Computing (ISORC 2013), pp.1-7, 2013. ,
DOI : 10.1109/ISORC.2013.6913208
URL : https://hal.archives-ouvertes.fr/hal-00840729
Network Security with OpenSSL : Cryptography for Secure Communications, 2002. ,
VESPA, Proceedings of the 9th international conference on Autonomic computing, ICAC '12, pp.155-160, 2012. ,
DOI : 10.1145/2371536.2371564
URL : https://hal.archives-ouvertes.fr/hal-00738174
tcpdump advanced filters, 2013. ,
The technical specification for the Security Content Automation Protocol (SCAP), p.126, 2011. ,
Specification for the extensible configuration checklist description format (xccdf) version 1, 2011. ,
DOI : 10.6028/NIST.IR.7275r4
Service Level Agreement (SLA) in Utility Computing Systems, 2012. ,
DOI : 10.4018/978-1-60960-794-4.ch001
Service level agreement in the data center, 2002. ,
Towards autonomic virtual applications in the in-vigo system, Autonomic Computing, 2005. ICAC 2005. Proceedings. Second International Conference on, pp.15-26, 2005. ,
The secure shell (ssh) connection protocol, 2006. ,
Google app engine, 2009. ,
Cloud computing: state-of-the-art and research challenges, Journal of Internet Services and Applications, vol.33, issue.4, pp.7-18, 2010. ,
DOI : 10.1007/s13174-010-0007-6