Cryptographic implementation of a tree hierarchy for access control
Information Processing Letters
A database encryption system with subkeys
ACM Transactions on Database Systems (TODS)
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Providing Database as a Service
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Implementation of a Storage Mechanism for Untrusted DBMSs
SISW '03 Proceedings of the Second IEEE International Security in Storage Workshop
Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Metadata management in outsourced encrypted databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Security of social information from query analysis in DaaS
Proceedings of the 2009 EDBT/ICDT Workshops
Hi-index | 0.00 |
The amount of information held by organizations' databases is increasing very quickly. A recently proposed solution to the problem of data management, which is becoming increasingly popular, is represented by database outsourcing. Several approaches have been presented to database outsourcing management, investigating the application of data encryption together with indexing information to allow the execution of queries at the third party, without the need of decrypting the data. These proposals assume access control to be under the control of the data owner, who has to filter all the access requests to data. In this paper, we put forward the idea of outsourcing also the access control enforcement at the third party. Our approach combines cryptography together with authorizations, thus enforcing access control via selective encryption. The paper describes authorizations management investigating their specification and representation as well as their enforcement in a dynamic scenario.