Privacy requirements have an increasing impact on the realization of modern applications. Technical considerations and many significant commercial and legal regulations demand today that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. It is therefore crucial to design solutions able to respond to this demand with a clear integration strategy for existing applications and a consideration of the performance impact of the protection measures. In this paper we address this problem and propose a solution to enforce privacy over data collections by combining data fragmentation with encryption. The idea behind our approach is to use encryption as an underlying (conveniently available) measure for making data unintelligible, while exploiting fragmentation as a way to break sensitive associations between information.

Fragmentation and encryption to enforce privacy in data storage / V. Ciriani, S. DE CAPITANI DI VIMERCATI, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati (LECTURE NOTES IN COMPUTER SCIENCE). - In: Computer security : ESORICS 2007 / [a cura di] J. Biskup, J. Lopez. - Berlin : Springer, 2007. - ISBN 9783540748342. - pp. 171-186 (( Intervento presentato al 12. convegno European Symposium on Research in Computer Security tenutosi a Dresden nel 2007 [10.1007/978-3-540-74835-9_12].

Fragmentation and encryption to enforce privacy in data storage

V. Ciriani
Primo
;
S. DE CAPITANI DI VIMERCATI
Secondo
;
S. Foresti;P. Samarati
Ultimo
2007

Abstract

Privacy requirements have an increasing impact on the realization of modern applications. Technical considerations and many significant commercial and legal regulations demand today that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. It is therefore crucial to design solutions able to respond to this demand with a clear integration strategy for existing applications and a consideration of the performance impact of the protection measures. In this paper we address this problem and propose a solution to enforce privacy over data collections by combining data fragmentation with encryption. The idea behind our approach is to use encryption as an underlying (conveniently available) measure for making data unintelligible, while exploiting fragmentation as a way to break sensitive associations between information.
privacy; fragmentation; encryption
Settore INF/01 - Informatica
2007
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/35060
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 88
  • ???jsp.display-item.citation.isi??? 43
social impact