Abstract
Data outsourcing is today receiving growing attention due to its benefits in terms of cost reduction and better services. According to such paradigm, the data owner is no more responsible for data management, rather it outsources its data to one or more service providers (referred to as publishers) that provide management services and query processing functionalities. Clearly, data outsourcing leads to challenging security issues in that, by outsourcing its data, the data owner may potentially loose control over them. Therefore, a lot of research is currently carrying on to ensure secure management of data even in the presence of an untrusted publisher. One of the key issues is confidentiality enforcement, that is, how to ensure that data are not read by unauthorized users. In this paper, we propose a solution for XML data, which exploits cryptographic techniques and it is robust to the most common and relevant security threats. In the paper, we present the encryption methods and query processing strategies.
The work reported in this paper has been partially supported by the Italian MIUR under the project ‘Web-based management and representation of spatial and geographical data’.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bertino, E., Carminati, B., Ferrari, E., Thuraisingham, B., Gupta, A.: Selective and Authentic Third-Party Distribution of XML Documents. IEEE Transactions on Knowledge and Data Engineering (TKDE) 16(10), 1263–1278 (2004)
Bertino, E., Ferrari, E.: Secure and Selective Dissemination of XML Documents. ACM Transactions on Information and System Security (TISSEC) 5(3), 290–331 (2002)
Bertino, E., Carminati, B., Ferrari, E.: A Temporal Key Management Scheme for Broadcasting XML Documents. In: Proc. of the 9th ACM Conference on Computer and Communications Security (CCS 2002), Washington (November 2002)
Carminati, B., Ferrari, E., Bertino, E.: Securing XML Data in Third-Party Distribution Systems. In: Proc. of the ACM Fourteenth Conference on Information and Knowledge Management (CIKM 2005), Bremen, Germany (November 2005)
Carminati, B., Ferrari, E.: Management of Access Control Policies for XML Document Sources. International Journal of Information Security 1(4), 236–260 (2003)
Hacigumus, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over Encrypted Data in the Database Service Provider Model. In: Proc. of the ACM SIGMOD 2002, Madison, WI, USA (June 2002)
Hacıgümüş, H., Iyer, B.R., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y., Li, J., Whang, K.-Y., Lee, D. (eds.) DASFAA 2004. LNCS, vol. 2973, pp. 125–136. Springer, Heidelberg (2004)
Merkle, R.C.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)
Salton, G., McGill, M.: Introduction to Modern Information Retrival. McGraw-Hill, New York (1983)
Song, D.X., Wagner, D., Perrig, A.: Practical Techniques for Searches on Encrypted Data. In: Proc. of the IEEE Symposium on Security and Privacy, Oakland, California (2000)
World Wide Web Consortium, http://www.w3.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Carminati, B., Ferrari, E. (2006). Confidentiality Enforcement for XML Outsourced Data. In: Grust, T., et al. Current Trends in Database Technology – EDBT 2006. EDBT 2006. Lecture Notes in Computer Science, vol 4254. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11896548_21
Download citation
DOI: https://doi.org/10.1007/11896548_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-46788-5
Online ISBN: 978-3-540-46790-8
eBook Packages: Computer ScienceComputer Science (R0)