IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

Users and companies are more and more resorting to external providers for storing their data and making them available to others. Since data sharing is typically selective (i.e., accesses to certain data should be allowed only to authorized users), there is the problem of enforcing authorizations on the outsourced data. Recently proposed approaches based on selective encryption provide convenient enforcement of read privileges, but are not directly applicable for supporting write privileges. In this paper, we extend selective encryption approaches to the support of write privileges. Our proposal enriches the approach based on key derivation of existing solutions and complements it with a hash-based approach for supporting write privileges. Enforcement of write privileges and of possible policy updates relies on the - controlled - cooperation of the external provider. Our solution also allows the data owner and the users to verify the integrity of the outsourced data.

Enforcing dynamic write privileges in data outsourcing / S. De Capitani di Vimercati, S. Foresti, S. Jajodia, G. Livraga, S. Paraboschi, P. Samarati. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 39:A(2013 Nov), pp. 47-63.

Enforcing dynamic write privileges in data outsourcing

S. De Capitani di Vimercati
Primo
;S. Foresti
Secondo
;G. Livraga;P. Samarati
Ultimo
2013

Abstract

Users and companies are more and more resorting to external providers for storing their data and making them available to others. Since data sharing is typically selective (i.e., accesses to certain data should be allowed only to authorized users), there is the problem of enforcing authorizations on the outsourced data. Recently proposed approaches based on selective encryption provide convenient enforcement of read privileges, but are not directly applicable for supporting write privileges. In this paper, we extend selective encryption approaches to the support of write privileges. Our proposal enriches the approach based on key derivation of existing solutions and complements it with a hash-based approach for supporting write privileges. Enforcement of write privileges and of possible policy updates relies on the - controlled - cooperation of the external provider. Our solution also allows the data owner and the users to verify the integrity of the outsourced data.
Data outsourcing; data protection; write authorization enforcement; policy updates; data integrity
Settore INF/01 - Informatica
nov-2013
COMPUTERS & SECURITY
Article (author)
01 - Articolo su periodico
File in questo prodotto:
File Dimensione Formato  
cose2013.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 1.88 MB
Formato Adobe PDF
  Visualizza/Apri   Richiedi una copia
1.88 MB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/217777
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 36
  • ???jsp.display-item.citation.isi??? 22
  • OpenAlex ND
social impact