The protection of the confidentiality of outsourced data is an important problem. A critical aspect is the ability to efficiently access data that are stored in an encrypted format, without giving to the server managing access requests the ability to infer knowledge about the data content of the access executed by the clients. The approaches that have been proposed to solve this problem rely on a continuous rewriting and re-encryption of the accessed data, like the shuffle index that has recently been proposed. We here propose a different approach that uses three independent servers to manage the data structure. The use of three servers is motivated by the increased protection that derives from the use of independent servers compared to the use of a single server. The protection shows to increase in a significant way if a constraint is introduced that at every request an accessed node has to be moved to a different server. The use of three servers permits to keep the accessed data protected even when the servers collude. The protection is evaluated with a probabilistic model that estimates the loss of information that derives from the application of the technique.
Protecting access confidentiality with data distribution and swapping / S. De Capitani di Vimercati, S. Foresti, S. Paraboschi, G. Pelosi, P. Samarati - In: The fourth IEEE International conference on big data and cloud computing : BDCloud 2014 ; with the seventh IEEE International conference on social computing and networking : SocialCom 2014 ; the fourth International conference on sustainable computing and communications : SustainCom 2014 : Sydney, Australia, 3-5 December 2014 : Proceedings / [a cura di] J. Chen, L.T. Yang. - Los Alamitos (California) ; Piscataway (New Jersey) : IEEE Computer society, 2014 Dec. - ISBN 9781479967193. - pp. 167-174 (( Intervento presentato al 4. convegno International conference on big data and cloud computing (BDCloud) tenutosi a Sydney (Australia) nel 2014.
Protecting access confidentiality with data distribution and swapping
S. De Capitani di Vimercati;S. Foresti;P. Samarati
2014
Abstract
The protection of the confidentiality of outsourced data is an important problem. A critical aspect is the ability to efficiently access data that are stored in an encrypted format, without giving to the server managing access requests the ability to infer knowledge about the data content of the access executed by the clients. The approaches that have been proposed to solve this problem rely on a continuous rewriting and re-encryption of the accessed data, like the shuffle index that has recently been proposed. We here propose a different approach that uses three independent servers to manage the data structure. The use of three servers is motivated by the increased protection that derives from the use of independent servers compared to the use of a single server. The protection shows to increase in a significant way if a constraint is introduced that at every request an accessed node has to be moved to a different server. The use of three servers permits to keep the accessed data protected even when the servers collude. The protection is evaluated with a probabilistic model that estimates the loss of information that derives from the application of the technique.
| File | Dimensione | Formato | |
|---|---|---|---|
|
BDCloud.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
433.27 kB
Formato
Adobe PDF
|
433.27 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
