We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced in the query execution by possibly restricting operation assignments to other parties and by adjusting visibility of data on-the-fly. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.

An Authorization Model for Multi-Provider Queries / S. De Capitani di Vimercati, S. Foresti, S. Jajodia, G. Livraga, S. Paraboschi, P. Samarati. - In: PROCEEDINGS OF THE VLDB ENDOWMENT. - ISSN 2150-8097. - 11:3(2017 Nov), pp. 256-268. ((Intervento presentato al 44. convegno International Conference on Very Large Data Bases tenutosi a Rio De Janeiro, Brasil nel 2018.

An Authorization Model for Multi-Provider Queries

S. De Capitani di Vimercati
Primo
;
S. Foresti
Secondo
;
G. Livraga;P. Samarati
Ultimo
2017

Abstract

We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced in the query execution by possibly restricting operation assignments to other parties and by adjusting visibility of data on-the-fly. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.
Settore INF/01 - Informatica
   Enforceable Security in the Cloud to Uphold Data Ownership
   ESCUDO CLOUD
   EUROPEAN COMMISSION
   H2020
   644579

   ABC GATES FOR EUROPE
   ABC4EU
   EUROPEAN COMMISSION
   FP7
   312797
nov-2017
VLDB Endowment
Article (author)
File in questo prodotto:
File Dimensione Formato  
p355-decapitanidivimercati.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 393.95 kB
Formato Adobe PDF
393.95 kB Adobe PDF Visualizza/Apri
pvldb-2017.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 623.4 kB
Formato Adobe PDF
623.4 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/545537
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 11
  • ???jsp.display-item.citation.isi??? 7
social impact