Chapter

Foundations of Security Analysis and Design VII

Volume 8604 of the series Lecture Notes in Computer Science, pp. 212-243

Encryption and Fragmentation for Data Confidentiality in the Cloud

  • Sabrina De Capitani di Vimercati (Dipartimento di Informatica, Università degli Studi di Milano)
  • Robert F. Erbacher (U.S. Army Research Laboratory, USA)
  • Sara Foresti (Dipartimento di Informatica, Università degli Studi di Milano)
  • Sushil Jajodia (Center for Secure Information Systems, George Mason University)
  • Giovanni Livraga (Dipartimento di Informatica, Università degli Studi di Milano)
  • Pierangela Samarati (Dipartimento di Informatica, Università degli Studi di Milano)


Abstract

Cloud computing has emerged as a successful paradigm allowing individual users as well as companies to resort to external providers for storing/processing data or making them available to others. Together with its many benefits, however, cloud computing introduces new security and privacy risks. A major issue is that the data owner, storing data at external providers, loses control over them, leaving them potentially exposed to improper access, use, or dissemination. In this chapter, we consider the problem of protecting the confidentiality of sensitive information when relying on external cloud providers for storing and processing data. We introduce confidentiality requirements and then illustrate encryption and data fragmentation as possible protection techniques. In particular, we discuss different approaches that have been proposed using encryption (with indexing) and fragmentation, either by themselves or in combination, to satisfy confidentiality requirements.