Securus: From Confidentiality and Access Requirements to Data Outsourcing Solutions



Abstract. To preserve data confidentiality in database outsourcing scenarios, various techniques have been proposed that preserve a certain degree of confidentiality while still allowing certain queries to be executed efficiently. Typically, several of those techniques have to be combined to achieve a certain degree of confidentiality. However, finding an appropriate combination is not a trivial task, as expert knowledge is required and interdependencies between the techniques exist. Securus, an approach we previously proposed, addresses this problem. Securus allows users to model their requirements regarding the information in the outsourced dataset that has to be protected. Furthermore, queries that have to be efficiently executable on the outsourced data can be specified. Based on these requirements, Securus uses Integer Linear Programming (ILP) to find a suitable combination of confidentiality-enhancing techniques and generates a software adapter. This software adapter transparently applies the techniques to fulfill the specified requirements and can be used to seamlessly outsource and query the data. In this paper, we present an outline of Securus and extend our previous work by highlighting the differences to other approaches in the field. Furthermore, we show how Securus can be extended to allow for more efficient solutions if the attacker’s capabilities can be modeled by the user.
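To make the selection problem the abstract describes concrete, here is an added toy model (not the paper's own ILP formulation or code): each attribute of the outsourced table is either stored in plaintext at one of two assumed non-colluding providers or only encrypted, and an exhaustive search stands in for the ILP solver, returning the cheapest placement that meets every confidentiality constraint and keeps every required query efficient. The cost model, the two-provider setting and the sample patient schema are assumptions made for the example.

```python
"""Toy model of the selection problem Securus solves (added example, not the
paper's own ILP formulation or code): every attribute is stored in plaintext
at provider P1, in plaintext at provider P2, or only encrypted (ENC), so that
all confidentiality constraints hold and all required queries stay efficient."""
from itertools import product

PLACEMENTS = ("P1", "P2", "ENC")      # two non-colluding providers, or encrypted
COST = {"P1": 0, "P2": 0, "ENC": 1}   # assumed: encryption is the costly option

def confidentiality_ok(assign, constraints):
    """A constraint is a set of attributes that must never be jointly visible in
    plaintext at one provider; a singleton means 'never in plaintext anywhere'."""
    return not any(all(assign[a] == prov for a in c)
                   for c in constraints for prov in ("P1", "P2"))

def queries_ok(assign, queries):
    """A query is the set of attributes it filters on; in this toy model it is
    efficient only if all of them are plaintext at the same provider."""
    return all(any(all(assign[a] == prov for a in q) for prov in ("P1", "P2"))
               for q in queries)

def select_placement(attrs, constraints, queries):
    """Exhaustive search standing in for the ILP solver: the cheapest feasible
    assignment (first one found on ties), or None if none exists."""
    best = None
    for choice in product(PLACEMENTS, repeat=len(attrs)):
        assign = dict(zip(attrs, choice))
        if not (confidentiality_ok(assign, constraints) and queries_ok(assign, queries)):
            continue
        cost = sum(COST[p] for p in choice)
        if best is None or cost < best[0]:
            best = (cost, assign)
    return None if best is None else best[1]

if __name__ == "__main__":
    # Constructed sample schema: a patient table with four attributes.
    attrs = ("name", "dob", "zip", "diagnosis")
    # name must never be linkable to diagnosis; dob+zip+diagnosis must not co-occur.
    constraints = [{"name", "diagnosis"}, {"dob", "zip", "diagnosis"}]
    queries = [{"name", "dob"}, {"zip", "diagnosis"}]
    print(select_placement(attrs, constraints, queries))
    # Pairwise constraints on three attributes cannot be met by two providers
    # alone, so the solver must encrypt the attribute no query needs.
    print(select_placement(("name", "dob", "diagnosis"),
                           [{"name", "dob"}, {"name", "diagnosis"}, {"dob", "diagnosis"}],
                           [{"dob"}, {"diagnosis"}]))
    # Infeasible: name may never be plaintext, yet a query filters on it.
    print(select_placement(("name", "dob"), [{"name"}], [{"name", "dob"}]))
```

The third case shows the interdependency the abstract mentions: a confidentiality constraint and a query requirement can be individually satisfiable yet jointly infeasible, which the solver must report rather than silently weaken either side.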

1 Introduction

Preserving the privacy of individuals in today’s service landscape is an ongoing research topic that gains even more importance with the trend of service outsourcing. Besides the protection of personal information that is necessary to make access control decisions [3], enforcing the confidentiality of personal data that is processed by third parties constitutes a challenge [2,12]. Ensuring confidentiality when outsourcing databases is necessary both to protect sensitive information and, in many cases, to comply with privacy laws. One approach to tackle this problem is to establish a trust relationship with the external provider using Service Level Agreements (SLAs) [13] or by relying on laws so that the external provider can be held accountable [16]. However, in many cases either no trust relationship can be established or (regional) laws forbid relying on trust alone. In these cases, technical means have to be used to preserve confidentiality [14].

M. Hansen et al. (Eds.): Privacy and Identity 2014, IFIP AICT 421, pp. 139–149, 2014. © IFIP International Federation for Information Processing 2014


J. Köhler and K. Jünemann

A naive solution that technically preserves data confidentiality is to completely encrypt the whole database prior to outsourcing. However, queries on entirely encrypted data cannot be executed efficiently. It is thus better to apply encryption techniques selectively and to partition the database across multiple, non-colluding external providers, as this way a tradeoff between data confidentiality and efficient query execution can be achieved [4,7,10,11,15]. However, it requires expert knowledge to choose a suitable set