An experimental evaluation of multi-key strategies for data outsourcing

E. Damiani, S. De Captani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

28 Scopus citations

Abstract

Data outsourcing is emerging today as a successful solution for organizations looking for a cost-effective way to make their data available for on-line querying. To protect outsourced data from unauthorized accesses, even from the (honest but curious) host server, data are encrypted and indexes associated with them enable the server to execute queries without the need of accessing cleartext. Current solutions consider the whole database as encrypted with a single key known only to the data owner, which therefore has to be kept involved in the query execution process. In this paper, we propose different multi-key data encryption strategies for enforcing access privileges. Our strategies exploit different keys, which are distributed to the users, corresponding to the different authorizations. We then present some experiments evaluating the quality of the proposed strategies with respect to the amount of cryptographic information to be produced and maintained.

Original languageBritish English
Title of host publicationNew Approaches for Security, Privacy and Trust in Complex Environments
Subtitle of host publicationProceedings of the IFIP TC-11 22nd International Information Security Conference (SEC 2007), 14-16 May 2007, Sandton, S. Africa
EditorsHein Venter, Jan Eloff, Mariki Eloff, Les Labuschagne, Rossouw Solms
Pages385-396
Number of pages12
DOIs
StatePublished - 2007

Publication series

NameIFIP International Federation for Information Processing
Volume232
ISSN (Print)1571-5736

Fingerprint

Dive into the research topics of 'An experimental evaluation of multi-key strategies for data outsourcing'. Together they form a unique fingerprint.

Cite this