The diffusion of cloud database services requires a lot of efforts to improve confidentiality of data stored in external infrastructures. We propose a novel scheme that integrates data encryption with users access control mechanisms. It can be used to guarantee confidentiality of data with respect to a public cloud infrastructure, and to minimize the risks of internal data leakage even in the worst case of a legitimate user colluding with some cloud provider personnel. The correctness and feasibility of the proposal is demonstrated through formal models, while the integration in a cloud-based architecture is left to future work.
Access control enforcement on query-aware encrypted cloud databases / Ferretti, Luca; Colajanni, Michele; Marchetti, Mirco. - STAMPA. - 2:(2013), pp. 717-722. (Intervento presentato al convegno 5th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2013 tenutosi a Bristol, gbr nel 2-5 Dec. 2013) [10.1109/CloudCom.2013.172].
Access control enforcement on query-aware encrypted cloud databases
FERRETTI, LUCA;COLAJANNI, Michele;MARCHETTI, Mirco
2013
Abstract
The diffusion of cloud database services requires a lot of efforts to improve confidentiality of data stored in external infrastructures. We propose a novel scheme that integrates data encryption with users access control mechanisms. It can be used to guarantee confidentiality of data with respect to a public cloud infrastructure, and to minimize the risks of internal data leakage even in the worst case of a legitimate user colluding with some cloud provider personnel. The correctness and feasibility of the proposal is demonstrated through formal models, while the integration in a cloud-based architecture is left to future work.Pubblicazioni consigliate
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris