Cloud computing has the advantage that it offers companies (virtually) unlimited data storage at attractive costs. However, it also introduces new challenges for protecting the confidentiality of the data, and the access to the data. Sensitive data like medical records, business or governmental data cannot be stored unencrypted on the cloud. Moreover, they can be of interest to many users and different policies could apply to each. Companies need new mechanisms to query the encrypted data without revealing anything to the cloud server, and to enforce access policies to the data. Current security schemes do not allow complex encrypted queries over encrypted data in a multi-user setting. Instead, they are limited to keyword searches. Moreover, current solutions assume that all users have the same access rights to the data. This demo shows the implementation of a scheme that allows making SQL-like queries on encrypted databases in a multi-user setting, while at the same time allowing the database owner to assign different access rights to users.

Enforcing Multi-user Access Policies to Encrypted Cloud Databases

Ion, Mihaela;Crispo, Bruno
2011-01-01

Abstract

Cloud computing has the advantage that it offers companies (virtually) unlimited data storage at attractive costs. However, it also introduces new challenges for protecting the confidentiality of the data, and the access to the data. Sensitive data like medical records, business or governmental data cannot be stored unencrypted on the cloud. Moreover, they can be of interest to many users and different policies could apply to each. Companies need new mechanisms to query the encrypted data without revealing anything to the cloud server, and to enforce access policies to the data. Current security schemes do not allow complex encrypted queries over encrypted data in a multi-user setting. Instead, they are limited to keyword searches. Moreover, current solutions assume that all users have the same access rights to the data. This demo shows the implementation of a scheme that allows making SQL-like queries on encrypted databases in a multi-user setting, while at the same time allowing the database owner to assign different access rights to users.
2011
2011 IEEE International Symposium on Policies for Distributed Systems and Networks
NEW YORK
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
978-0-7695-4330-7
Ion, Mihaela; G., Russello; Crispo, Bruno
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/89859
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 17
  • ???jsp.display-item.citation.isi??? ND
  • OpenAlex ND
social impact