IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

We propose an approach to protect confidentiality of data and accesses to them when data are stored and managed by external providers, and hence not under direct control of their owner. Our approach is based on the use of distributed data allocation among three independent servers and on a dynamic re-allocation of data at every access. Dynamic re-allocation is enforced by swapping data involved in an access across the servers in such a way that accessing a given node implies re-allocating it to a different server, then destroying the ability of servers to build knowledge by observing accesses. The use of three servers provides uncertainty, to the eyes of the servers, of the result of the swapping operation, even in presence of collusion among them.

Three-server swapping for access confidentiality / S. De Capitani di Vimercati, S. Foresti, S. Paraboschi, G. Pelosi, P. Samarati. - In: IEEE TRANSACTIONS ON CLOUD COMPUTING. - ISSN 2168-7161. - 6:2(2018 Apr), pp. 492-505. [10.1109/TCC.2015.2449993]

Three-server swapping for access confidentiality

S. De Capitani di Vimercati;S. Foresti;P. Samarati
2018

Abstract

We propose an approach to protect confidentiality of data and accesses to them when data are stored and managed by external providers, and hence not under direct control of their owner. Our approach is based on the use of distributed data allocation among three independent servers and on a dynamic re-allocation of data at every access. Dynamic re-allocation is enforced by swapping data involved in an access across the servers in such a way that accessing a given node implies re-allocating it to a different server, then destroying the ability of servers to build knowledge by observing accesses. The use of three servers provides uncertainty, to the eyes of the servers, of the result of the swapping operation, even in presence of collusion among them.
Shuffle index; content confidentiality; access confidentiality; pattern confidentiality; distributed swapping
Settore INF/01 - Informatica
   Enforceable Security in the Cloud to Uphold Data Ownership
   ESCUDO CLOUD
   EUROPEAN COMMISSION
   H2020
   644579

   ABC GATES FOR EUROPE
   ABC4EU
   EUROPEAN COMMISSION
   FP7
   312797

   Data-Centric Genomic Computing (GenData 2020)
   MINISTERO DELL'ISTRUZIONE E DEL MERITO
   2010RTFWBH_009
apr-2018
Article (author)
01 - Articolo su periodico
File in questo prodotto:
File Dimensione Formato  
dfpps-tcc2015.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 1.99 MB
Formato Adobe PDF
Visualizza/Apri
1.99 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/389498
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 11
  • ???jsp.display-item.citation.isi??? 2
social impact