Skip to main content
SpringerLink
Log in

Supporting Users in Data Outsourcing and Protection in the Cloud

  • Conference paper
  • First Online:
Cloud Computing and Services Science (CLOSER 2016)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 740))

Included in the following conference series:

Abstract

Moving data and applications to the cloud allows users and companies to enjoy considerable benefits. However, these benefits are also accompanied by a number of security issues that should be addressed. Among these, the need to ensure that possible requirements on security, costs, and quality of services are satisfied by the cloud providers, and the need to adopt techniques ensuring the proper protection of their data and applications. In this paper, we present different strategies and solutions that can be applied to address these issues.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: Proceedings of CIDR 2005, Asilomar, CA, USA, January 2005

    Google Scholar 

  2. Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of ACM SIGMOD, Paris, France, June 2004

    Google Scholar 

  3. Anagnostopoulos, A., Goodrich, M.T., Tamassia, R.: Persistent authenticated dictionaries and their applications. In: Proceedings of ISC 2001, Malaga, Spain, October 2001

    Google Scholar 

  4. Anglano, C., Canonico, M., Guazzone, M.: FC2Q: exploiting fuzzy control in server consolidation for cloud applications with SLA constraints. Concurrency Comput. Pract. Experience 22(6), 4491–4514 (2014)

    Google Scholar 

  5. Arasu, A., Blanas, S., Eguro, K., Kaushik, R., Kossmann, D., Ramamurthy, R., Venkatesan, R.: Orthogonal security with cipherbase. In: Proceedigs of CIDR 2013, Asilomar, CA, USA, January 2013

    Google Scholar 

  6. Arman, A., Foresti, S., Livraga, G., Samarati, P.: A consensus-based approach for selecting cloud plans. In: Proceedings of IEEE RTSI 2016, Bologna, Italy, September 2016

    Google Scholar 

  7. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of ACM CCS 2007, Alexandria, VA, USA, October/November 2007

    Google Scholar 

  8. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of EUROCRYPT 2003, Warsaw, Poland, May 2003

    Google Scholar 

  9. Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM TISSEC 8(1), 119–152 (2005)

    Article  Google Scholar 

  10. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM TISSEC 13(3), 22:1–22:33 (2010)

    Article  Google Scholar 

  11. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data outsourcing for enforcing privacy. JCS 19(3), 531–566 (2011)

    Article  Google Scholar 

  12. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P.: An OBDD approach to enforce confidentiality and visibility constraints in data publishing. JCS 20(5), 463–508 (2012)

    Article  Google Scholar 

  13. Cloud Security Alliance: Cloud Control Matrix v3.0.1. https://cloudsecurityalliance.org/research/ccm/

  14. Damiani, E., Capitani, D., di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of CCS 2003, Washington, DC, USA, October 2003

    Google Scholar 

  15. Dastjerdi, A.V., Buyya, R.: Compatibility-aware cloud service composition under fuzzy preferences of users. IEEE TCC 2(1), 1–13 (2014)

    Google Scholar 

  16. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Enforcing dynamic write privileges in data outsourcing. Comput. Secur. 39, 47–63 (2013)

    Article  Google Scholar 

  17. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE TDSC 11(6), 510–523 (2014)

    MATH  Google Scholar 

  18. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Integrity for distributed queries. In: Proceedings of IEEE CNS 2014, San Francisco, CA, USA, October 2014

    Google Scholar 

  19. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM TODS 35(2), 12:1–12:46 (2010)

    Google Scholar 

  20. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Integrity for join queries in the cloud. IEEE TCC 1(2), 187–200 (2013)

    Google Scholar 

  21. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Efficient integrity checks for join queries in the cloud. JCS 24(3), 347–378 (2016)

    Article  Google Scholar 

  22. De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: Proceedings of ICDCS 2011, Minneapolis, Minnesota, USA, June 2011

    Google Scholar 

  23. De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Shuffle index: efficient and private access to outsourced data. ACM TOS 11(4), 1–55 (2015). Article 19

    Article  Google Scholar 

  24. De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Managing and accessing data in the cloud: Privacy risks and approaches. In: Proceedings of CRiSIS 2012, Cork, Ireland, October 2012

    Google Scholar 

  25. De Capitani di Vimercati, S., Livraga, G., Piuri, V.: Application requirements with preferences in cloud-based information processing. In: Proceedings of IEEE RTSI 2016, Bologna, Italy, September 2016

    Google Scholar 

  26. De Capitani di Vimercati, S., Livraga, G., Piuri, V., Samarati, P., Soares, G.: Supporting application requirements in cloud-based IoT information processing. In: Procedings of IoTBD 2016, Rome, Italy, April 2016

    Google Scholar 

  27. Di Battista, G., Palazzi, B.: Authenticated relational tables and authenticated skip lists. In: Proceedings of DBSec 2007, Redondo Beach, CA, USA, July 2007

    Google Scholar 

  28. Foresti, S., Piuri, V., Soares, G.: On the use of fuzzy logic in dependable cloud management. In: Proceedings of IEEE CNS 2015, Florence, Italy, September 2015

    Google Scholar 

  29. Frey, S., Claudia, L., Reich, C., Clarke, N.: Cloud QoS scaling by fuzzy logic. In: IEEE IC2E 2014, Boston, MA, USA, March 2014

    Google Scholar 

  30. Garg, S.K., Versteeg, S., Buyya, R.: SMICloud: A framework for comparing and ranking cloud services. In: Proc. of IEEE UCC 2011, Melbourne, Australia, December 2011

    Google Scholar 

  31. Garg, S.K., Versteeg, S., Buyya, R.: A framework for ranking of cloud computing services. Future Gener. Comput. Syst. 29(4), 1012–1023 (2013)

    Article  Google Scholar 

  32. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of STOC 2009, Bethesda, MA, USA, May 2009

    Google Scholar 

  33. Goscinski, A., Brock, M.: Toward dynamic and attribute based publication, discovery and selection for cloud computing. Future Gener. Comput. Syst. 26(7), 947–970 (2010)

    Article  Google Scholar 

  34. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of ACM CCS 2006, Alexandria, VA, USA, October/November 2006

    Google Scholar 

  35. Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring integrity of encrypted databases in database as a service model. In: Proceedings of DBSec 2003, Estes Park, CO, USA, August 2003

    Google Scholar 

  36. Hacigümüs, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational database. In: Proceedings of DASFAA 2004, Jeju Island, Korea, March 2004

    Google Scholar 

  37. Hacigümüs, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of SIGMOD 2002, Madison, WI, USA, June 2002

    Google Scholar 

  38. Jhawar, R., Piuri, V.: Fault tolerance management in IaaS clouds. In: Proceedings of IEEE-AESS ESTEL 2012, Rome, Italy, October 2012

    Google Scholar 

  39. Jhawar, R., Piuri, V., Samarati, P.: Supporting security requirements for resource management in cloud computing. In: Proceedings of IEEE CSE 2012, Paphos, Cyprus, December 2012

    Google Scholar 

  40. Jhawar, R., Piuri, V., Santambrogio, M.: Fault tolerance management in cloud computing: a system-level perspective. IEEE Syst. J. 7(2), 288–297 (2013)

    Article  Google Scholar 

  41. Juels, A., Kaliski Jr., B.S.: PORs: Proofs of retrievability for large files. In: Proceedings of ACM CCS 2007, Alexandria, VA, USA, October/November 2007

    Google Scholar 

  42. Liu, R., Wang, H.: Integrity verification of outsourced XML databases. In: Proceedings of CSE 2009, Vancouver, Canada, August 2009

    Google Scholar 

  43. Merkle, R.: A certified digital signature. In: Proceedings of CRYPTO 1989, Santa Barbara, CA, USA, August 1989

    Google Scholar 

  44. Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM TOS 2(2), 107–138 (2006)

    Article  Google Scholar 

  45. Naveed, M., Kamara, S., Wrigh, C.: Inference attacks on property-preserving encrypted databases. In: Proceedings of CCS 2015, Denver, CO, USA, October 2015

    Google Scholar 

  46. Pang, H., Jain, A., Ramamritham, K., Tan, K.: Verifying completeness of relational query results in data publishing. In: Proceedings of SIGMOD 2005, Baltimore, MA, USA, June 2005

    Google Scholar 

  47. Pawluk, P., Simmons, B., Smit, M., Litoiu, M., Mankovski, S.: Introducing STRATOS: A cloud broker service. In: Proceedings of IEEE CLOUD 2012, Honolulu, HI, USA, June 2012

    Google Scholar 

  48. Popa, R., Redfield, C., Zeldovich, N., Balakrishnan, H.: Cryptdb: Protecting confidentiality with encrypted query processing. In: Proceedings of SOSP, Cascais, Portugal (2011)

    Google Scholar 

  49. Qu, L., Wang, Y., Orgun, M.A.: Cloud service selection based on the aggregation of user feedback and quantitative performance assessment. In: Proceedings of IEEE SCC 2013, Santa Clara, CA, USA, June/July 2013

    Google Scholar 

  50. Rao, J., Wei, Y., Gong, J., Xu, C.Z.: DynaQoS: Model-free self-tuning fuzzy control of virtualized resources for QoS provisioning. In: Proceedings of IEEE IWQoS 2011, San Jose, CA, USA, June 2011

    Google Scholar 

  51. Rehman, Z., Hussain, O., Hussain, F.: IaaS cloud selection using MCDM methods. In: Proceedings of IEEE ICEBE 2012, Hangzhou, China, September 2012

    Google Scholar 

  52. Ruiz-Alvarez, A., Humphrey, M.: An automated approach to cloud storage service selection. In: Proceedings of ACM ScienceCloud 2011, San Jose, CA, USA, June 2011

    Google Scholar 

  53. Samarati, P., De Capitani di Vimercati, S.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of ASIACCS 2010, Beijing, China, April 2010

    Google Scholar 

  54. Samarati, P., De Capitani di Vimercati, S.: Cloud security: issues and concerns. In: Murugesan, S., Bojanova, I. (eds.) Encyclopedia on Cloud Computing. Wiley, Chichester (2016)

    Google Scholar 

  55. Samreen, F., Elkhatib, Y., Rowe, M., Blair, G.S.: Daleel: Simplifying cloud instance selection using machine learning. In: Proceedings of IEEE/IFIP NOMS 2016, Istanbul, Turkey, April 2016

    Google Scholar 

  56. van Dijk, M., Juels, A., Oprea, A., Rivest, R., Stefanov, E., Triandopoulos, N.: Hourglass schemes: How to prove that cloud files are encrypted. In: Proceedings of ACM CCS 2012, Raleich, NC, USA, October 2012

    Google Scholar 

  57. Wang, H., Lakshmanan, L.: Efficient secure query evaluation over encrypted XML databases. In: Proceedings of VLDB 2006, Seoul, Korea, September 2006

    Google Scholar 

  58. Wang, H., Yin, J., Perng, C., Yu, P.: Dual encryption for query integrity assurance. In: Proceedings of CIKM 2008, Napa Valley, CA, USA, October 2008

    Google Scholar 

  59. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Proceedings of PKC 2011, Taormina, Italy, March 2011

    Google Scholar 

  60. Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of VLDB 2007, Vienna, Austria, September 2007

    Google Scholar 

  61. Zheng, Z., Wu, X., Zhang, Y., Lyu, M.R., Wang, J.: QoS ranking prediction for cloud services. IEEE TPDS 24(6), 1213–1222 (2013)

    Google Scholar 

Download references

Acknowledgments

This work was supported in part by the EC within the FP7 under grant agreement 312797 (ABC4EU), and within the H2020 under grant agreement 644579 (ESCUDO-CLOUD).

Author information

Authors and Affiliations

  1. Dipartimento di Informatica, Università degli Studi di Milano, 26013, Crema, Italy

    S. De Capitani di Vimercati, S. Foresti, G. Livraga & P. Samarati

Authors
  1. S. De Capitani di Vimercati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. Foresti
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. G. Livraga
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. P. Samarati
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to S. De Capitani di Vimercati .

Editor information

Editors and Affiliations

  1. Dublin City University, Dublin, Ireland

    Markus Helfert

  2. Columbia University, New York, New York, USA

    Donald Ferguson

  3. Escola d’Enginyeria, Bellaterra, Barcelona, Spain

    Victor Méndez Muñoz

  4. Departamento de Engenharia Informática, Universidade de Coimbra, Coimbra, Portugal

    Jorge Cardoso

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P. (2017). Supporting Users in Data Outsourcing and Protection in the Cloud. In: Helfert, M., Ferguson, D., Méndez Muñoz, V., Cardoso, J. (eds) Cloud Computing and Services Science. CLOSER 2016. Communications in Computer and Information Science, vol 740. Springer, Cham. https://doi.org/10.1007/978-3-319-62594-2_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-62594-2_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-62593-5

  • Online ISBN: 978-3-319-62594-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation