Paper Info
Title
Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients
Abstract
Existing approaches for protecting sensitive information stored (outsourced) at external "honest-but-curious" servers are typically based on an overlying layer of encryption that is applied on the whole information, or use a combination of fragmentation and encryption. The computational load imposed by encryption makes such approaches not suitable for scenarios with lightweight clients. In this paper, we address this issue and propose a novel model for enforcing privacy requirements on the outsourced information which departs from encryption. The basic idea of our approach is to store a small portion of the data (just enough to break sensitive associations) on the client, which is trusted being under the data owner control, while storing the remaining information in clear form at the external (honest-but-curious) server. We model the problem and provide a solution for it aiming at minimizing the data stored at the client. We also illustrate the execution of queries on the fragmented information.
Year
DOI
Venue
2009
10.1007/978-3-642-03007-9_15
DBSec
Keywords
Field
DocType
whole information,lightweight client,sensitive information,sensitive association,remaining information,enforcing confidentiality constraints,data owner control,fragmented information,sensitive databases,basic idea,lightweight trusted clients,novel model,outsourced information
Client-side encryption,File server,Confidentiality,Computer security,Computer science,Server,Encryption,40-bit encryption,On-the-fly encryption,Information sensitivity
Conference
Volume
ISSN
Citations 
5645
0302-9743
14
PageRank 
References 
Authors
0.80
15
6
Name
Order
Citations
PageRank
Valentina Ciriani142235.11
Sabrina Capitani Di Vimercati2362.74
S. Foresti3100464.12
Sushil Jajodia493751839.16
Stefano Paraboschi53590450.24
Pierangela Samarati67152785.82