Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Protection and the control of information sharing in multics
Communications of the ACM
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Cryptographic access control in a distributed file system
Proceedings of the eighth ACM symposium on Access control models and technologies
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
Dynamic and efficient key management for access hierarchies
Proceedings of the 12th ACM conference on Computer and communications security
Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability
On Key Assignment for Hierarchical Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Chip-secured data access: reconciling access rights with data encryption
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Over-encryption: management of access control evolution on outsourced data
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Fragmentation and encryption to enforce privacy in data storage
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Preserving confidentiality of security policies in data outsourcing
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Secure and efficient access to outsourced data
Proceedings of the 2009 ACM workshop on Cloud computing security
Cryptography based access control in healthcare web systems
2010 Information Security Curriculum Development Conference
Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC
Proceedings of the 18th ACM conference on Computer and communications security
Secured cloud storage scheme using ECC based key management in user hierarchy
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Privacy enhanced data outsourcing in the cloud
Journal of Network and Computer Applications
Enforcing subscription-based authorization policies in cloud scenarios
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Dependable and secure computing in medical information systems
Computer Communications
Supporting Secure Information Flow: An Engineering Approach
International Journal of e-Collaboration
Improving security and efficiency of time-bound access to outsourced data
Proceedings of the 6th ACM India Computing Convention
Hi-index | 0.00 |
Data outsourcing is becoming today a successful solution that allows users and organizations to exploit external servers for the distribution of resources. Some of the most challenging issues in such a scenario are the enforcement of authorization policies and the support of policy updates. Since a common approach for protecting the outsourced data consists in encrypting the data themselves, a promising approach for solving these issues is based on the combination of access control with cryptography. This idea is in itself not new, but the problem of applying it in an outsourced architecture introduces several challenges. In this paper, we first illustrate the basic principles on which an architecture for combining access control and cryptography can be built. We then illustrate an approach for enforcing authorization policies and supporting dynamic authorizations, allowing policy changes and data updates at a limited cost in terms of bandwidth and computational power.