Fragmentation and encryption to enforce privacy in data storage

Authors:
Valentina Ciriani;Sabrina De Capitani Di Vimercati;Sara Foresti;Sushil Jajodia;Stefano Paraboschi;Pierangela Samarati
Affiliations:
Università degli Studi di Milano, Crema, Italia;Università degli Studi di Milano, Crema, Italia;Università degli Studi di Milano, Crema, Italia;George Mason University, Fairfax, VA;Università degli Studi di Bergamo, Dalmine, Italia;Università degli Studi di Milano, Crema, Italia
Venue:
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Year:
2007

Citing 12
Cited 14

Vertical partitioning algorithms for database design

ACM Transactions on Database Systems (TODS)
Vertical partitioning for database design: a graphical algorithm

SIGMOD '89 Proceedings of the 1989 ACM SIGMOD international conference on Management of data
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Executing SQL over encrypted data in the database-service-provider model

Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Computers and Intractability: A Guide to the Theory of NP-Completeness

Computers and Intractability: A Guide to the Theory of NP-Completeness
Protecting Respondents' Identities in Microdata Release

IEEE Transactions on Knowledge and Data Engineering
Approximating Maximum Independent Sets in Uniform Hypergraphs

MFCS '98 Proceedings of the 23rd International Symposium on Mathematical Foundations of Computer Science
Providing Database as a Service

ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Balancing confidentiality and efficiency in untrusted relational DBMSs

Proceedings of the 10th ACM conference on Computer and communications security
Approximate coloring of uniform hypergraphs

Journal of Algorithms
Modeling and assessing inference exposure in encrypted databases

ACM Transactions on Information and System Security (TISSEC)
Book Reviews

Journal of Cognitive Neuroscience

A data outsourcing architecture combining cryptography and access control

Proceedings of the 2007 ACM workshop on Computer security architecture
Preserving confidentiality of security policies in data outsourcing

Proceedings of the 7th ACM workshop on Privacy in the electronic society
Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Combining Consistency and Confidentiality Requirements in First-Order Databases

ISC '09 Proceedings of the 12th International Conference on Information Security
Encryption policies for regulating access to outsourced data

ACM Transactions on Database Systems (TODS)
Combining fragmentation and encryption to protect privacy in data storage

ACM Transactions on Information and System Security (TISSEC)
Keep a few: outsourcing data while maintaining confidentiality

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints

IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Distributing data for secure database services

Proceedings of the 4th International Workshop on Privacy and Anonymity in the Information Society
Adaptive, secure, and scalable distributed data outsourcing: a vision paper

Proceedings of the 2011 workshop on Dynamic distributed data-intensive applications, programming abstractions, and systems
Data privacy preservation during schema evolution for multi-tenancy applications in cloud computing

WISM'11 Proceedings of the 2011 international conference on Web information systems and mining - Volume Part I
Distributing Data for Secure Database Services

Transactions on Data Privacy
Confidentiality-Preserving query execution of fragmented outsourced data

ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
An OBDD approach to enforce confidentiality and visibility constraints in data publishing

Journal of Computer Security - DBSec 2011

Quantified Score

Hi-index	0.00

Visualization

Abstract

Privacy requirements have an increasing impact on the realization of modern applications. Technical considerations and many significant commercial and legal regulations demand today that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. It is therefore crucial to design solutions able to respond to this demand with a clear integration strategy for existing applications and a consideration of the performance impact of the protection measures. In this paper we address this problem and propose a solution to enforce privacy over data collections by combining data fragmentation with encryption. The idea behind our approach is to use encryption as an underlying (conveniently available) measure for making data unintelligible, while exploiting fragmentation as a way to break sensitive associations between information.