Keep a few: outsourcing data while maintaining confidentiality

Authors:
Valentina Ciriani;Sabrina De Capitani Di Vimercati;Sara Foresti;Sushil Jajodia;Stefano Paraboschi;Pierangela Samarati
Affiliations:
DTI, Università degli Studi di Milano, Crema, Italia;DTI, Università degli Studi di Milano, Crema, Italia;DTI, Università degli Studi di Milano, Crema, Italia;CSIS, George Mason University, Fairfax, VA;DIIMM, Università degli Studi di Bergamo, Dalmine, Italia;DTI, Università degli Studi di Milano, Crema, Italia
Venue:
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Year:
2009

Citing 11
Cited 18

Vertical partitioning algorithms for database design

ACM Transactions on Database Systems (TODS)
Computers and Intractability: A Guide to the Theory of NP-Completeness

Computers and Intractability: A Guide to the Theory of NP-Completeness
Providing Database as a Service

ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Modeling and assessing inference exposure in encrypted databases

ACM Transactions on Information and System Security (TISSEC)
Book Reviews

Journal of Cognitive Neuroscience
Controlling access to published data using cryptography

VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Over-encryption: management of access control evolution on outsourced data

VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Reducing inference control to access control for normalized database schemas

Information Processing Letters
Anonymizing bipartite graph data using safe groupings

Proceedings of the VLDB Endowment
Fragmentation Design for Efficient Query Execution over Sensitive Distributed Databases

ICDCS '09 Proceedings of the 2009 29th IEEE International Conference on Distributed Computing Systems
Fragmentation and encryption to enforce privacy in data storage

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Data protection in outsourcing scenarios: issues and directions

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Investigating privacy-aware distributed query evaluation

Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints

IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
A sound and complete model-generation procedure for consistent and confidentiality-preserving databases

Theoretical Computer Science
Adaptive, secure, and scalable distributed data outsourcing: a vision paper

Proceedings of the 2011 workshop on Dynamic distributed data-intensive applications, programming abstractions, and systems
Cooperative data access in multi-cloud environments

DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Enforcing confidentiality and data visibility constraints: an OBDD approach

DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Query processing in private data outsourcing using anonymization

DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
An index structure for private data outsourcing

DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
CryptDB: protecting confidentiality with encrypted query processing

SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
On the inference-proofness of database fragmentation satisfying confidentiality constraints

ISC'11 Proceedings of the 14th international conference on Information security
Efficient privacy-preserving data distribution in outsourced environments: a fragmentation-based approach

Proceedings of the International Conference on Advances in Computing, Communications and Informatics
Security limitations of using secret sharing for data outsourcing

DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
k-anonymity-based horizontal fragmentation to preserve privacy in data outsourcing

DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Compromising privacy in precise query protocols

Proceedings of the 16th International Conference on Extending Database Technology
Processing analytical queries over encrypted data

Proceedings of the VLDB Endowment
Database fragmentation with encryption: under which semantic constraints and a priori knowledge can two keep a secret?

DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
An OBDD approach to enforce confidentiality and visibility constraints in data publishing

Journal of Computer Security - DBSec 2011

Quantified Score

Hi-index	0.01

Visualization

Abstract

We put forward a novel paradigm for preserving privacy in data outsourcing which departs from encryption. The basic idea behind our proposal is to involve the owner in storing a limited portion of the data, and maintaining all data (either at the owner or at external servers) in the clear. We assume a relational context, where the data to be outsourced is contained in a relational table. We then analyze how the relational table can be fragmented, minimizing the load for the data owner. We propose several metrics and present a general framework capturing all of them, with a corresponding algorithm finding a heuristic solution to a family of NP-hard problems.