On some cryptographic solutions for access control in a tree hierarchy
ACM '87 Proceedings of the 1987 Fall Joint Computer Conference on Exploring technology: today and tomorrow
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Order preserving encryption for numeric data
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
Dynamic and efficient key management for access hierarchies
Proceedings of the 12th ACM conference on Computer and communications security
On Key Assignment for Hierarchical Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Chip-secured data access: confidential data on untrusted servers
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
A data outsourcing architecture combining cryptography and access control
Proceedings of the 2007 ACM workshop on Computer security architecture
Preserving confidentiality of security policies in data outsourcing
Proceedings of the 7th ACM workshop on Privacy in the electronic society
Authenticated indexing for outsourced spatial databases
The VLDB Journal — The International Journal on Very Large Data Bases
Secure and efficient access to outsourced data
Proceedings of the 2009 ACM workshop on Cloud computing security
Patient controlled encryption: ensuring privacy of electronic medical records
Proceedings of the 2009 ACM workshop on Cloud computing security
Encryption policies for regulating access to outsourced data
ACM Transactions on Database Systems (TODS)
Data protection in outsourcing scenarios: issues and directions
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Attribute based data sharing with attribute revocation
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Keep a few: outsourcing data while maintaining confidentiality
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Achieving secure, scalable, and fine-grained data access control in cloud computing
INFOCOM'10 Proceedings of the 29th conference on Information communications
A mutual and pseudo inverse matrix - based authentication mechanism for outsourcing service
ACIIDS'11 Proceedings of the Third international conference on Intelligent information and database systems - Volume Part I
A secure and efficient role-based access policy towards cryptographic cloud storage
WAIM'11 Proceedings of the 12th international conference on Web-age information management
A data masking technique for data warehouses
Proceedings of the 15th Symposium on International Database Engineering & Applications
Secured cloud storage scheme using ECC based key management in user hierarchy
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Privacy enhanced data outsourcing in the cloud
Journal of Network and Computer Applications
SAPDS: self-healing attribute-based privacy aware data sharing in cloud
The Journal of Supercomputing
DaWaK'12 Proceedings of the 14th international conference on Data Warehousing and Knowledge Discovery
Small business-oriented index construction of cloud data
ICA3PP'12 Proceedings of the 12th international conference on Algorithms and Architectures for Parallel Processing - Volume Part II
How to use attribute-based encryption to implement role-based access control in the cloud
Proceedings of the 2013 international workshop on Security in cloud computing
Enabling secure location-based services in mobile cloud computing
Proceedings of the second ACM SIGCOMM workshop on Mobile cloud computing
Efficient and secure data storage operations for mobile cloud computing
Proceedings of the 8th International Conference on Network and Service Management
Supporting complex queries and access policies for multi-user encrypted databases
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Role-based access control to outsourced data in cloud computing
ADC '13 Proceedings of the Twenty-Fourth Australasian Database Conference - Volume 137
Providing a data location assurance service for cloud storage environments
Journal of Mobile Multimedia
Hi-index | 0.00 |
Data outsourcing is emerging today as a successful paradigm allowing users and organizations to exploit external services for the distribution of resources. A crucial problem to be addressed in this context concerns the enforcement of selective authorization policies and the support of policy updates in dynamic scenarios. In this paper, we present a novel solution to the enforcement of access control and the management of its evolution. Our proposal is based on the application of selective encryption as a means to enforce authorizations. Two layers of encryption are imposed on data: the inner layer is imposed by the owner for providing initial protection, the outer layer is imposed by the server to reflect policy modifications. The combination of the two layers provides an efficient and robust solution. The paper presents a model, an algorithm for the management of the two layers, and an analysis to identify and therefore counteract possible information exposure risks.