Support for write privileges on outsourced data

De Capitani di Vimercati, S.; Foresti, S.; Jajodia, S.; Paraboschi, S.; Samarati, P.

doi:10.1007/978-3-642-30436-1_17

In the last years, data outsourcing has received an increasing attention by the research community thanks to the benefits that it brings in terms of data management. A basic requirement in such a scenario is that outsourced data be made accessible only to authorized users, that is, no unauthorized party (including the storing server) should have access to the data. While existing proposals provide a sound basis for addressing such a need with respect to data dissemination (i.e., enforcement of read authorizations), they fall short on the support of write authorizations. In this paper we address such an open problem and present an approach to enforce write privileges over outsourced data. Our work nicely extends and complements existing solutions, and exploiting key derivation tokens, hashing, and HMAC functions provides efficient and effective controls.

Support for write privileges on outsourced data / S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati - In: Information security and privacy research / [a cura di] D. Gritzalis, S. Furnell, M. Theoharidou. - Heidelberg : Springer, 2012. - ISBN 9783642304354. - pp. 199-210 (( Intervento presentato al 27. convegno IFIP TC 11 Information Security and Privacy Conference (SEC) tenutosi a Heraklion nel 2012.

Support for write privileges on outsourced data

S. De Capitani di Vimercati^Primo;S. Foresti^Secondo;S. Jajodia;S. Paraboschi;P. Samarati^Ultimo

2012

Abstract

In the last years, data outsourcing has received an increasing attention by the research community thanks to the benefits that it brings in terms of data management. A basic requirement in such a scenario is that outsourced data be made accessible only to authorized users, that is, no unauthorized party (including the storing server) should have access to the data. While existing proposals provide a sound basis for addressing such a need with respect to data dissemination (i.e., enforcement of read authorizations), they fall short on the support of write authorizations. In this paper we address such an open problem and present an approach to enforce write privileges over outsourced data. Our work nicely extends and complements existing solutions, and exploiting key derivation tokens, hashing, and HMAC functions provides efficient and effective controls.

Scheda breve

Scheda completa

Scheda completa (DC)

	Parole chiave
	
			Data outsourcing; data protection; authorization management
		
	Settori scientifico-disciplinari del contributo
	
			Settore INF/01 - Informatica
		
	Data di pubblicazione
	
			2012
		
	DOI
	
			https://dx.doi.org/10.1007/978-3-642-30436-1_17
		
	Tipologia
	
			Book Part (author)
		
	Appare nelle tipologie:
	
			03 - Contributo in volume

File in questo prodotto:

File	Dimensione	Formato
sec2012.pdf accesso aperto Tipologia: Pre-print (manoscritto inviato all'editore) Dimensione 184.81 kB Formato Adobe PDF Visualizza/Apri	184.81 kB	Adobe PDF	Visualizza/Apri

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/174417

Citazioni

ND

10

4

IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca