Selective Data Encryption in Outsourced Dynamic Environments

E. Damiani, S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati

Research output: Contribution to journalArticlepeer-review

41 Scopus citations


The amount of information held by organizations' databases is increasing very quickly. A recently proposed solution to the problem of data management, which is becoming increasingly popular, is represented by database outsourcing. Several approaches have been presented to database outsourcing management, investigating the application of data encryption together with indexing information to allow the execution of queries at the third party, without the need of decrypting the data. These proposals assume access control to be under the control of the data owner, who has to filter all the access requests to data. In this paper, we put forward the idea of outsourcing also the access control enforcement at the third party. Our approach combines cryptography together with authorizations, thus enforcing access control via selective encryption. The paper describes authorizations management investigating their specification and representation as well as their enforcement in a dynamic scenario.

Original languageBritish English
Pages (from-to)127-142
Number of pages16
JournalElectronic Notes in Theoretical Computer Science
Issue numberSPEC. ISS.
StatePublished - 2007


  • access control
  • dynamic
  • encrypted databases
  • hierarchy
  • key derivation


Dive into the research topics of 'Selective Data Encryption in Outsourced Dynamic Environments'. Together they form a unique fingerprint.

Cite this