Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: De Capitani di Vimercati, Sabrinaa; * | Foresti, Saraa | Paraboschi, Stefanob | Pelosi, Gerardoc | Samarati, Pierangelaa
Affiliations: [a] Dipartimento di Informatica, Università degli Studi di Milano, Italy. E-mails: [email protected], [email protected], [email protected] | [b] Dipartimento di Ingegneria Gestionale, dell’Informazione e della Produzione, Università degli Studi di Bergamo, Italy. E-mail: [email protected] | [c] Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Italy. E-mail: [email protected]
Correspondence: [*] Corresponding author. E-mail: [email protected].
Note: [1] A preliminary version of this paper appeared under the title “Access Control for the Shuffle Index,” in: Proc. of the 30th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2016), Trento, Italy, July 2016 [12].
Abstract: Cloud computing is the reference paradigm to provide data storage and management in a convenient and scalable manner. However, moving data to the cloud raises several issues, including the confidentiality of data and of accesses that are no more under the direct control of the data owner. The shuffle index has been proposed as a solution for addressing these issues when data are stored at an external third party. In this paper, we extend the shuffle index with support for access control, that is, for enforcing authorizations on data. Our approach is based on the use of selective encryption and on the organization of data and authorizations in two shuffle indexes. Owners regulate access to their data through authorizations that allow different users to access different portions of the data, while, at the same time, the confidentiality of accesses is guaranteed. The proposed approach also supports update operations over the outsourced data collection (i.e., insertion, removal, and update) as well as of the access control policy (i.e., grant and revoke). Also, our approach protects the nature of each access operation, making revoke operations and resource removal operations indistinguishable by the storing server and/or observing users.
Keywords: Shuffle index, access control, data confidentiality, access confidentiality
DOI: 10.3233/JCS-171004
Journal: Journal of Computer Security, vol. 26, no. 2, pp. 143-175, 2018
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]