Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud

Vimercati, Sabrina Capitani Di; Foresti, Sara; Livraga, Giovanni; Samarati, Pierangela

doi:10.1007/978-3-662-49301-4_15

Cited by 19 publications

(21 citation statements)

References 80 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The query optimizer can choose to apply different encryption schemes (e.g., deterministic or randomized encryption) depending on the operations to be executed on the encrypted values [10,22]. We propose to adopt, for each attribute, the scheme providing highest protection, while supporting the operations to be executed on the attribute's encrypted values.…”

Section: Computing and Distributing As-signmentsmentioning

confidence: 99%

An authorization model for multi provider queries

et al. 2017

Self Cite

View full text Add to dashboard Cite

We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced in the query execution by possibly restricting operation assignments to other parties and by adjusting visibility of data on-the-fly. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.

show abstract

Section: Computing and Distributing As-signmentsmentioning

confidence: 99%

An authorization model for multi provider queries

et al. 2017

Self Cite

View full text Add to dashboard Cite

show abstract

“…In spite of inherent performance improvements, such a solution is still dominated by the available number of peers and the -potentially large -number of encrypted triples each peer would have to process. Current efficient solutions for querying encrypted data are based on (a) using indexes to speed up the decryption process by reducing the set of potential solutions; or (b) making use of specific encryption schemes that support the execution of operations directly over encrypted data [13]. Our solution herein follows the first approach, whereas the use of alternative and directly encryption mechanisms (such as homomorphic encryption [28]) is complementary and left to future work.…”

Section: Optimising Query Execution Over Encrypted Rdfmentioning

confidence: 99%

“…However, the structure should also be protected as hashbased indexes can represent a security risk if the data server is compromised. State-of-the-art solutions (cf., [13]) propose the inclusion of spurious information, that the query processor must filter out in order to obtain the final query result.…”

Section: : (H(s) H(p) H(o)) ← Hash(s P O); 2: Index ← Selectbestmentioning

confidence: 99%

Self-Enforcing Access Control for Encrypted RDF

et al. 2017

View full text Add to dashboard Cite

Abstract. The amount of raw data exchanged via web protocols is steadily increasing. Although the Linked Data infrastructure could potentially be used to selectively share RDF data with different individuals or organisations, the primary focus remains on the unrestricted sharing of public data. In order to extend the Linked Data paradigm to cater for closed data, there is a need to augment the existing infrastructure with robust security mechanisms. At the most basic level both access control and encryption mechanisms are required. In this paper, we propose a flexible and dynamic mechanism for securely storing and efficiently querying RDF datasets. By employing an encryption strategy based on Functional Encryption (FE) in which controlled data access does not require a trusted mediator, but is instead enforced by the cryptographic approach itself, we allow for fine-grained access control over encrypted RDF data while at the same time reducing the administrative overhead associated with access control management.

show abstract

“…While effective, this simple solution could not be efficient since it might create more tokens than necessary. To reduce the number of tokens, the key derivation structure is typically enriched with additional vertices whose key is used for derivation only [3], [5]. While in cloud-based scenarios such additional vertices are typically associated with groups of users, the considered scenario would benefit from the definition of keys associated with groups of resources.…”

Section: A Authorization Policy and Key Derivation Structurementioning

confidence: 99%

Empowering Owners with Control in Digital Data Markets

Vimercati

Foresti

Livraga

et al. 2019

2019 IEEE 12th International Conference on Cloud Computing (CLOUD)

Self Cite

View full text Add to dashboard Cite

We propose an approach for allowing data owners to trade their data in digital data market scenarios, while keeping control over them. Our solution is based on a combination of selective encryption and smart contracts deployed on a blockchain, and ensures that only authorized users who paid an agreed amount can access a data item. We propose a safe interaction protocol for regulating the interplay between a data owner and subjects wishing to purchase (a subset of) her data, and an audit process for counteracting possible misbehaviors by any of the interacting parties. Our solution aims to make a step towards the realization of data market platforms where owners can benefit from trading their data while maintaining control.

show abstract

Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud

Cited by 19 publications

References 80 publications

An authorization model for multi provider queries

An authorization model for multi provider queries

Self-Enforcing Access Control for Encrypted RDF

Empowering Owners with Control in Digital Data Markets

Contact Info

Product

Resources

About