Skip to main content

2014 | OriginalPaper | Buchkapitel

Security and Privacy of Data in a Cloud

verfasst von : Sushil Jajodia

Erschienen in: Secure Data Management

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The goals of this brief note are to describe some of the research progress that has been made to date and elaborate on the fundamental challenges facing the research community in security and privacy of data stored in a cloud.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: Proceedings of CIDR, Asilomar, CA (2005) Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: Proceedings of CIDR, Asilomar, CA (2005)
2.
Zurück zum Zitat Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of SIGMOD, Paris, France (2004) Agrawal, R., Kierman, J., Srikant, R., Xu, Y.: Order preserving encryption for numeric data. In: Proceedings of SIGMOD, Paris, France (2004)
3.
Zurück zum Zitat Bowers, K.D., van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: How to tell if your cloud files are vulnerable to drive crashes. In: Proceedings of ACM CCS (2011) Bowers, K.D., van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: How to tell if your cloud files are vulnerable to drive crashes. In: Proceedings of ACM CCS (2011)
4.
Zurück zum Zitat Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM TISSEC 8(1), 119–152 (2005)CrossRef Ceselli, A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Modeling and assessing inference exposure in encrypted databases. ACM TISSEC 8(1), 119–152 (2005)CrossRef
5.
Zurück zum Zitat Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of EUROCRYPT 2003, Warsaw, Poland (2003) Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Proceedings of EUROCRYPT 2003, Warsaw, Poland (2003)
6.
Zurück zum Zitat Ciriani, V., De Capitani, S., Samarati, P.: Enforcing confidentiality constraints on sensitive databases with lightweight trusted clients. In: Proceedings of DBSec, Montreal, Canada (2009) Ciriani, V., De Capitani, S., Samarati, P.: Enforcing confidentiality constraints on sensitive databases with lightweight trusted clients. In: Proceedings of DBSec, Montreal, Canada (2009)
7.
Zurück zum Zitat Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009) CrossRef Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009) CrossRef
8.
Zurück zum Zitat Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM TISSEC 13(3), 22:1–22:33 (2010)CrossRef Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM TISSEC 13(3), 22:1–22:33 (2010)CrossRef
9.
Zurück zum Zitat Damiani, E., De Capitani, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of CCS, Washington, DC (2003) Damiani, E., De Capitani, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings of CCS, Washington, DC (2003)
10.
Zurück zum Zitat De Capitani, S., di Vimercati, S., Foresti, S., Jajodia, S.: On information leakage by indexes over data fragments. In: Proceedings of PrivDB, Brisbane, Australia (2013) De Capitani, S., di Vimercati, S., Foresti, S., Jajodia, S.: On information leakage by indexes over data fragments. In: Proceedings of PrivDB, Brisbane, Australia (2013)
11.
Zurück zum Zitat De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM TODS 35(2), 12:1–12:46 (2010) De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM TODS 35(2), 12:1–12:46 (2010)
12.
Zurück zum Zitat De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Support for Write privileges on outsourced data. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 199–210. Springer, Heidelberg (2012) De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Support for Write privileges on outsourced data. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IFIP AICT, vol. 376, pp. 199–210. Springer, Heidelberg (2012)
13.
Zurück zum Zitat Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.. Authentic third-party data publication. In: Proceedings of DBSec 2000 (2000) Devanbu, P.T., Gertz, M., Martel, C.U., Stubblebine, S.G.. Authentic third-party data publication. In: Proceedings of DBSec 2000 (2000)
14.
Zurück zum Zitat De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Database security and privacy. In: Topi, H. (ed.) Computing Handbook, Third Edition: Information Systems and Information Technology, vol. 2. Taylor & Francis, Boca Raton (2013) De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Samarati, P.: Database security and privacy. In: Topi, H. (ed.) Computing Handbook, Third Edition: Information Systems and Information Technology, vol. 2. Taylor & Francis, Boca Raton (2013)
15.
Zurück zum Zitat Ganapathy, V., Thomas, D., Feder, T., Garcia-Molina, H., Motwani, R.: Distributing data for secure database services. In: Proceedings of PAIS, Uppsala, Sweden (2011) Ganapathy, V., Thomas, D., Feder, T., Garcia-Molina, H., Motwani, R.: Distributing data for secure database services. In: Proceedings of PAIS, Uppsala, Sweden (2011)
16.
Zurück zum Zitat Hacigümüş, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proceedings of ICDE, San Jose, CA (2002) Hacigümüş, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proceedings of ICDE, San Jose, CA (2002)
17.
Zurück zum Zitat Hacıgümüş, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y.J., Li, J., Whang, K.-Y., Lee, D. (eds.) DASFAA 2004. LNCS, vol. 2973, pp. 125–136. Springer, Heidelberg (2004) Hacıgümüş, H., Iyer, B., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. In: Lee, Y.J., Li, J., Whang, K.-Y., Lee, D. (eds.) DASFAA 2004. LNCS, vol. 2973, pp. 125–136. Springer, Heidelberg (2004)
18.
Zurück zum Zitat Hacigümüş, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of SIGMOD, Madison, WI (2002) Hacigümüş, H., Iyer, B., Mehrotra, S., Li, C.: Executing SQL over encrypted data in the database-service-provider model. In: Proceedings of SIGMOD, Madison, WI (2002)
19.
Zurück zum Zitat Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of SIGMOD, Chicago, IL (2006) Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of SIGMOD, Chicago, IL (2006)
20.
Zurück zum Zitat Liu, R., Wang, H.: Integrity verification of outsourced XML databases. In: Proceedings of CSE, Vancouver, Canada (2009) Liu, R., Wang, H.: Integrity verification of outsourced XML databases. In: Proceedings of CSE, Vancouver, Canada (2009)
21.
Zurück zum Zitat Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM TOS 2(2), 107–138 (2006)CrossRef Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM TOS 2(2), 107–138 (2006)CrossRef
22.
Zurück zum Zitat Narasimha, M., Tsudik, G.: DSAC: integrity for outsourced databases with signature aggregation and chaining. In: Proceedings of CIKM, Bremen, Germany, 31 Oct–5 Nov 2005 (2005) Narasimha, M., Tsudik, G.: DSAC: integrity for outsourced databases with signature aggregation and chaining. In: Proceedings of CIKM, Bremen, Germany, 31 Oct–5 Nov 2005 (2005)
23.
Zurück zum Zitat Pang, H., Jain, A., Ramamritham, K., Tan, K.L.: Verifying completeness of relational query results in data publishing. In: Proceedings of SIGMOD, Baltimore, MA (2005) Pang, H., Jain, A., Ramamritham, K., Tan, K.L.: Verifying completeness of relational query results in data publishing. In: Proceedings of SIGMOD, Baltimore, MA (2005)
24.
Zurück zum Zitat Pang, H., Tan, K.L.: Authenticating query results in edge computing. In: Proceedings of ICDE, Boston, MA (2004) Pang, H., Tan, K.L.: Authenticating query results in edge computing. In: Proceedings of ICDE, Boston, MA (2004)
25.
Zurück zum Zitat Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of ACM CCS (2009) Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of ACM CCS (2009)
26.
Zurück zum Zitat Samarati, P., De Capitani, S.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of ASIACCS, China (2010) Samarati, P., De Capitani, S.: Data protection in outsourcing scenarios: issues and directions. In: Proceedings of ASIACCS, China (2010)
27.
Zurück zum Zitat Wang, H., Lakshmanan, L.V.S.: Efficient secure query evaluation over encrypted XML databases. In: Proceedings of VLDB, Seoul, Korea (2006) Wang, H., Lakshmanan, L.V.S.: Efficient secure query evaluation over encrypted XML databases. In: Proceedings of VLDB, Seoul, Korea (2006)
28.
Zurück zum Zitat Wang, H., Yin, J., Perng, C., Yu, P.S.: Dual encryption for query integrity assurance. In: Proceedings of CIKM, Napa Valley, CA (2008) Wang, H., Yin, J., Perng, C., Yu, P.S.: Dual encryption for query integrity assurance. In: Proceedings of CIKM, Napa Valley, CA (2008)
29.
Zurück zum Zitat Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of VLDB, Vienna, Austria (2007) Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of VLDB, Vienna, Austria (2007)
30.
Zurück zum Zitat Xie, M., Wang, H., Yin, J., Meng, X.: Providing freshness guarantees for outsourced databases. In: Proceedings of EDBT, Nantes, France (2008) Xie, M., Wang, H., Yin, J., Meng, X.: Providing freshness guarantees for outsourced databases. In: Proceedings of EDBT, Nantes, France (2008)
31.
Zurück zum Zitat Wang, Z., Sun, K., Jajodia, S., Jing, J.: Disk storage isolation and verification in cloud. In: Proceedings of IEEE Globecom, Anaheim, CA (2012) Wang, Z., Sun, K., Jajodia, S., Jing, J.: Disk storage isolation and verification in cloud. In: Proceedings of IEEE Globecom, Anaheim, CA (2012)
32.
Zurück zum Zitat Yang, Y., Papadias, D., Papadopoulos, S., Kalnis, P.: Authenticated join processing in outsourced databases. In: Proceedings of SIGMOD, Providence, RI, 29 June–2 July 2009 (2009) Yang, Y., Papadias, D., Papadopoulos, S., Kalnis, P.: Authenticated join processing in outsourced databases. In: Proceedings of SIGMOD, Providence, RI, 29 June–2 July 2009 (2009)
Metadaten
Titel
Security and Privacy of Data in a Cloud
verfasst von
Sushil Jajodia
Copyright-Jahr
2014
DOI
https://doi.org/10.1007/978-3-319-06811-4_4