Proceedings of the 18th ACM symposium on Access control models and technologies
For cloud-based outsourcing of confidential data, various techniques based on cryptography or data fragmentation have been proposed, each with its own tradeoff between confidentiality, performance, and the set of supported queries. However, manually selecting appropriate techniques for individual scenarios is complex and error-prone. In this paper, we present a policy-based approach consisting of a domain-specific language and a policy-transformator that automatically generates scenario-specific software adapters, called mediators, which set up data outsourcing and govern data access. Mediators combine state-of-the-art confidentiality techniques to ensure a user-specified level of confidentiality while still offering efficient data access. Thus, our approach simplifies data outsourcing by decoupling policy decisions from their technical implementation and realizes appropriate tradeoffs between confidentiality and efficiency.