Homomorphic-Encryption-Based Separation Approach for Outsourced Data Management

  • Yang Zhang
  • Jun-Liang Chen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7759)

Abstract

With the rapid application of cloud computing technologies, service and data outsourcing has become a practical and useful paradigm. To manage sensitive information in this outsourcing scenario, many researchers have proposed the combined use of access control technologies and cryptography. However, the rigid combination in existing approaches has difficulty satisfying the flexible data management needs of diverse applications. In this paper, we advocate a separation methodology in which an authorization policy need not be embedded into ciphertexts or keys when data is encrypted, and can be linked to the ciphertexts at any time. Authorization is carried out independently, as usual, without involving encryption, and encryption serves as a foundational mechanism without considering authorization. We propose a separation approach based on homomorphic encryption to realize outsourced data management, where the encryption procedure is separated from authorization and dynamically integrated with the authorization policy according to subjects’ attributes at any time.

Keywords

Outsourced Data Service, Access Management, Homomorphic Encryption

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Yang Zhang (1)
  • Jun-Liang Chen (1)

  1. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts & Telecommunications, Beijing, China