Fragmentation and Encryption to Enforce Privacy in Data Storage

  • Valentina Ciriani
  • Sabrina De Capitani di Vimercati
  • Sara Foresti
  • Sushil Jajodia
  • Stefano Paraboschi
  • Pierangela Samarati
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4734)


Privacy requirements have an increasing impact on the realization of modern applications. Technical considerations and many significant commercial and legal regulations demand today that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. It is therefore crucial to design solutions able to respond to this demand with a clear integration strategy for existing applications and a consideration of the performance impact of the protection measures.

In this paper we address this problem and propose a solution to enforce privacy over data collections by combining data fragmentation with encryption. The idea behind our approach is to use encryption as an underlying (conveniently available) measure for making data unintelligible, while exploiting fragmentation as a way to break sensitive associations between information.


Keywords: privacy, fragmentation, encryption



Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Valentina Ciriani (1)
  • Sabrina De Capitani di Vimercati (1)
  • Sara Foresti (1)
  • Sushil Jajodia (2)
  • Stefano Paraboschi (3)
  • Pierangela Samarati (1)

  1. Università degli Studi di Milano, 26013 Crema, Italy
  2. George Mason University, Fairfax, VA 22030-4444
  3. Università degli Studi di Bergamo, 24044 Dalmine, Italy
