An overview of query optimization in relational systems
PODS '98 Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Protecting Respondents' Identities in Microdata Release
IEEE Transactions on Knowledge and Data Engineering
Approximating Maximum Independent Sets in Uniform Hypergraphs
MFCS '98 Proceedings of the 23rd International Symposium on Mathematical Foundations of Computer Science
Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Approximate coloring of uniform hypergraphs
Journal of Algorithms
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
Journal of Cognitive Neuroscience
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Fragmentation and encryption to enforce privacy in data storage
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
Data protection in outsourcing scenarios: issues and directions
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Fragments and loose associations: respecting privacy in data publishing
Proceedings of the VLDB Endowment
Protecting privacy in data release
Foundations of security analysis and design VI
Enforcing confidentiality and data visibility constraints: an OBDD approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
An index structure for private data outsourcing
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Supporting concurrency in private data outsourcing
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Data privacy preservation during schema evolution for multi-tenancy applications in cloud computing
WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
On the inference-proofness of database fragmentation satisfying confidentiality constraints
ISC'11 Proceedings of the 14th international conference on Information security
Data Outsourcing Simplified: Generating Data Connectors from Confidentiality and Access Policies
CCGRID '12 Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
Privacy preservation by disassociation
Proceedings of the VLDB Endowment
k-anonymity-based horizontal fragmentation to preserve privacy in data outsourcing
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Executing SQL queries over encrypted character strings in the Database-As-Service model
Knowledge-Based Systems
Controlled joining on encrypted relational database
Pairing'12 Proceedings of the 5th international conference on Pairing-Based Cryptography
Updating outsourced anatomized private databases
Proceedings of the 16th International Conference on Extending Database Technology
Extending loose associations to multiple fragments
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Using safety constraint for transactional dataset anonymization
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
An OBDD approach to enforce confidentiality and visibility constraints in data publishing
Journal of Computer Security - DBSec 2011
Hi-index | 0.00 |
The impact of privacy requirements in the development of modern applications is increasing very quickly. Many commercial and legal regulations are driving the need to develop reliable solutions for protecting sensitive information whenever it is stored, processed, or communicated to external parties. To this purpose, encryption techniques are currently used in many scenarios where data protection is required since they provide a layer of protection against the disclosure of personal information, which safeguards companies from the costs that may arise from exposing their data to privacy breaches. However, dealing with encrypted data may make query processing more expensive. In this article, we address these issues by proposing a solution to enforce the privacy of data collections that combines data fragmentation with encryption. We model privacy requirements as confidentiality constraints expressing the sensitivity of attributes and their associations. We then use encryption as an underlying (conveniently available) measure for making data unintelligible while exploiting fragmentation as a way to break sensitive associations among attributes. We formalize the problem of minimizing the impact of fragmentation in terms of number of fragments and their affinity and present two heuristic algorithms for solving such problems. We also discuss experimental results, comparing the solutions returned by our heuristics with respect to optimal solutions, which show that the heuristics, while guaranteeing a polynomial-time computation cost are able to retrieve solutions close to optimum.