Support for Write Privileges on Outsourced Data

In the last years, data outsourcing has received an increasing attention by the research community thanks to the benefits that it brings in terms of data management. A basic requirement in such a scenario is that outsourced data be made accessible only to authorized users, that is, no unauthorized party (including the storing server) should have access to the data. While existing proposals provide a sound basis for addressing such a need with respect to data dissemination (i.e., enforcement of read authorizations), they fall short on the support of write authorizations.

[1]  Sushil Jajodia,et al.  A data outsourcing architecture combining cryptography and access control , 2007, CSAW '07.

[2]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[3]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[4]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[5]  Kouichi Sakurai,et al.  Realizing Fine-Grained and Flexible Access Control to Outsourced Data with Attribute-Based Cryptosystems , 2011, ISPEC.

[6]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[7]  Steven M. Bellovin,et al.  Privacy Enhanced Access Control for Outsourced Data Sharing , 2012, Financial Cryptography.

[8]  Laks V. S. Lakshmanan,et al.  Efficient secure query evaluation over encrypted XML databases , 2006, VLDB.

[9]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[10]  Mikhail J. Atallah,et al.  Dynamic and efficient key management for access hierarchies , 2005, CCS '05.

[11]  Ernesto Damiani,et al.  Fine grained access control for SOAP E-services , 2001, WWW '01.

[12]  Marina Blanton,et al.  Dynamic and Efficient Key Management for Access Hierarchies , 2009, TSEC.

[13]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[14]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[15]  Marco Gamassi,et al.  Robust fingerprint detection for access control , 2005 .

[16]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[17]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[18]  Kian-Lee Tan,et al.  Verifying completeness of relational query results in data publishing , 2005, SIGMOD '05.

[19]  Stelvio Cimato,et al.  Privacy-Aware Biometrics: Design and Implementation of a Multimodal Verification System , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).

[20]  Sabrina De Capitani di Vimercati,et al.  Data protection in outsourcing scenarios: issues and directions , 2010, ASIACCS '10.

[21]  Xiaofeng Meng,et al.  Integrity Auditing of Outsourced Data , 2007, VLDB.

[22]  Sushil Jajodia,et al.  Encryption policies for regulating access to outsourced data , 2010, TODS.

[23]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.