Subtree-elimination algorithms in deductive databases
Subtree-elimination algorithms in deductive databases
Access Control and Signatures via Quorum Secret Sharing
IEEE Transactions on Parallel and Distributed Systems
OceanStore: an architecture for global-scale persistent storage
ACM SIGPLAN Notices
Communications of the ACM
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
A scalable content-addressable network
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Conjunctive Query Containment Revisited
ICDT '97 Proceedings of the 6th International Conference on Database Theory
Cryptographic access control in a distributed file system
Proceedings of the eighth ACM symposium on Access control models and technologies
Optimal implementation of conjunctive queries in relational data bases
STOC '77 Proceedings of the ninth annual ACM symposium on Theory of computing
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Plutus: Scalable Secure File Sharing on Untrusted Storage
FAST '03 Proceedings of the 2nd USENIX Conference on File and Storage Technologies
EURASIP Journal on Wireless Communications and Networking
Cryptree: A Folder Tree Structure for Cryptographic File Systems
SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
A survey on peer-to-peer key management for mobile ad hoc networks
ACM Computing Surveys (CSUR)
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
XACML Policy Integration Algorithms
ACM Transactions on Information and System Security (TISSEC)
On replacing cryptographic keys in hierarchical key management systems
Journal of Computer Security - The Third IEEE International Symposium on Security in Networks and Distributed Systems
Distributed databases and peer-to-peer databases: past and present
ACM SIGMOD Record
Distributed Privilege Enforcement in PACS
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Analysis and Protection of Dynamic Membership Information for Group Key Distribution Schemes
IEEE Transactions on Information Forensics and Security
SPac: a distributed, peer-to-peer, secure and privacy-aware social space
CIKM '10 Proceedings of the 19th ACM international conference on Information and knowledge management
Privacy of data outsourced to a cloud for selected readers through client-side encryption
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Hi-index | 0.00 |
The intent of peer data management systems (PDMS) is to share as much data as possible. However, in many applications leveraging sensitive data, users demand adequate mechanisms to restrict the access to authorized parties. In this paper, we study a distributed access control model, where data items are stored, queried and authenticated in a totally decentralized fashion. Our contribution focuses on the design of a comprehensive framework for access control enforcement in PDMS sharing secure data, which blends policy rules defined in a declarative language with distributed key management schemes. The data owner peer decides which data to share and whom to share with by means of such policies, with the data encrypted accordingly. To defend against malicious attackers who can compromise the peers, the decryption keys are decomposed into pieces scattered amongst peers. We discuss the details of how to adapt distributed encryption schemes to PDMS to enforce robust and resilient access control, and demonstrate the efficiency and scalability of our approach by means of an extensive experimental study.