Maximizing Sharing of Protected Information

Dawson, Steven L.; Vimercati, Sabrina De Capitani di; Lincoln, Patrick; Samarati, Pierangela

doi:10.1006/jcss.2001.1807

Cited by 23 publications

(8 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our work may bring some resemblance with the work of classifying information while maximizing visibility [Dawson et al 2002]. However, while the two lines of work share the goal of ensuring protection and minimizing security measures enforcement, the consideration of fragmentation and encryption on the one side and security labeling on the other make the problems considerably different.…”

Section: Related Workmentioning

confidence: 93%

Combining fragmentation and encryption to protect privacy in data storage

Ciriani

Vimercati

Foresti

et al. 2010

ACM Trans. Inf. Syst. Secur.

Self Cite

171

179

View full text Add to dashboard Cite

The impact of privacy requirements in the development of modern applications is increasing very quickly. Many commercial and legal regulations are driving the need to develop reliable solutions for protecting sensitive information whenever it is stored, processed, or communicated to external parties. To this purpose, encryption techniques are currently used in many scenarios where data protection is required since they provide a layer of protection against the disclosure of personal information, which safeguards companies from the costs that may arise from exposing their data to privacy breaches. However, dealing with encrypted data may make query processing more expensive.In this article, we address these issues by proposing a solution to enforce the privacy of data collections that combines data fragmentation with encryption. We model privacy requirements as confidentiality constraints expressing the sensitivity of attributes and their associations. We then This article extends the previous work by the authors appeared under the title Fragmentation and Encryption to Enforce Privacy in Data Storage in 22:2 • V. Ciriani et al.use encryption as an underlying (conveniently available) measure for making data unintelligible while exploiting fragmentation as a way to break sensitive associations among attributes. We formalize the problem of minimizing the impact of fragmentation in terms of number of fragments and their affinity and present two heuristic algorithms for solving such problems. We also discuss experimental results, comparing the solutions returned by our heuristics with respect to optimal solutions, which show that the heuristics, while guaranteeing a polynomial-time computation cost are able to retrieve solutions close to optimum.

show abstract

Section: Related Workmentioning

confidence: 93%

Combining fragmentation and encryption to protect privacy in data storage

Ciriani

Vimercati

Foresti

et al. 2010

ACM Trans. Inf. Syst. Secur.

Self Cite

171

179

View full text Add to dashboard Cite

show abstract

“…Function Re_Assign receives as input the set To_Empty of non-empty but underquota groups, and tries to reallocate their tuples to other groups (lines [30][31][32][33][34][35][36][37][38]. Tuples in under-quota groups that cannot be reallocated will be removed from the fragmentation and are inserted into To_Remove (lines [39][40].…”

Section: Computing a K-loose Associationmentioning

confidence: 99%

“…Data dependencies can cause inference channels to arise, allowing a recipient to either precisely determine, or reduce the uncertainty about, the values of sensitive, not released, information that is somehow dependent on the released one. This problem has been under the attention of researchers for decades and has been analyzed from different perspectives, resulting in a large body of research that includes: statistical databases and statistical data publications (e.g., [1]); multilevel database systems with the problem of establishing proper classification of data, capturing data relationships and corresponding inference channels (e.g., [35,66]); ensuring privacy of respondents' identities or of their sensitive information when publishing macro or micro data (e.g., [24,25]); protection of sensitive data associations due to data mining (e.g., [2]). Several approaches have been proposed addressing all these aspects, and offering solutions to block or limit the exposure of sensitive or private information.…”

Section: Introductionmentioning

confidence: 99%

Protecting Privacy in Data Release

Livraga¹

2015

Advances in Information Security

View full text Add to dashboard Cite

“…The work presented in this paper has some affinity with the work in [17]. Although this approach shares with our problem the common goal of enforcing confidentiality constraints on data, it is concerned with retrieving a data classification (according 564 V. Ciriani et al / Selective data outsourcing for enforcing privacy to a multilevel mandatory policy) that ensures sensitive information is not disclosed.…”

Section: Related Workmentioning

confidence: 99%

Selective data outsourcing for enforcing privacy*

Ciriani

Vimercati

Foresti

et al. 2011

JCS

Self Cite

View full text Add to dashboard Cite

Existing approaches for protecting sensitive information outsourced at external "honest-but-curious" servers are typically based on an overlying layer of encryption applied to the whole database, or on the combined use of fragmentation and encryption. In this paper, we put forward a novel paradigm for preserving privacy in data outsourcing, which departs from encryption. The basic idea is to involve the owner in storing a limited portion of the data, while storing the remaining information in the clear at the external server. We analyze the problem of computing a fragmentation that minimizes the owner's workload, which is represented using different metrics and corresponding weight functions, and prove that this minimization problem is NP-hard. We then introduce the definition of locally minimal fragmentation that is used to efficiently compute a fragmentation via a heuristic algorithm. The algorithm translates the problem of finding a locally minimal fragmentation in terms of a hypergraph 2-coloring problem. Finally, we illustrate the execution of queries on fragments and provide experimental results comparing the fragmentations returned by our heuristics with respect to optimal fragmentations. The experiments show that the heuristics guarantees a low computation cost and is able to compute a fragmentation close to optimum.

show abstract

Maximizing Sharing of Protected Information

Cited by 23 publications

References 30 publications

Combining fragmentation and encryption to protect privacy in data storage

Combining fragmentation and encryption to protect privacy in data storage

Protecting Privacy in Data Release

Selective data outsourcing for enforcing privacy*

Contact Info

Product

Resources

About