Your search keyword '"Sara Foresti"' showing total 91 results

1. An authorization model for query execution in the cloud

Author

Pierangela Samarati, Giovanni Livraga, Sushil Jajodia, Sara Foresti, S. De Capitani di Vimercati, and S. Paraboschi

Subjects

021110 strategic, defence & security studies, Authorization model, Collaborative query evaluation, Equivalent attributes, Implicit attributes, Plaintext and encrypted visibility, Relation profile, Database, business.industry, Computer science, 0211 other engineering and technologies, Authorization, Cloud computing, 02 engineering and technology, computer.software_genre, Hardware and Architecture, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Information Systems

Published

2021

2. Distributed Query Evaluation over Encrypted Data

Author

Pierangela Samarati, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Sushil Jajodia, Giovanni Livraga, and Sara Foresti

Subjects

Scheme (programming language), 021110 strategic, defence & security studies, Database, business.industry, Computer science, Control (management), 0211 other engineering and technologies, Plaintext, Cloud computing, 02 engineering and technology, Encryption, computer.software_genre, External storage, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Pace, computer.programming_language

Abstract

The availability of a multitude of data sources has naturally increased the need for subjects to collaborate for distributed computations, aimed at combining different data collections for their elaboration and analysis. Due to the quick pace at which collected data grow, often the authorities collecting and owning such datasets resort to external third parties (e.g., cloud providers) for their storage and management. Data under the control of different authorities are autonomously encrypted (using a different encryption scheme and key) for their external storage. This makes distributed computations combining these sources hard. In this paper, we propose an approach enabling collaborative computations over data encrypted in storage, selectively involving also subjects that might not be authorized for accessing the data in plaintext when it is considered economically convenient.

Published

2021

3. Selective Owner-side Encryption in Digital Data Markets: Strategies for Key Derivation

Author

Sara Foresti and Giovanni Livraga

Subjects

business.industry, Computer science, Digital data, Key derivation function, Encryption, business, Computer security, computer.software_genre, computer

Published

2021

4. Enforcing Corporate Governance's Internal Controls and Audit in the Cloud

Author

Sara Foresti, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati

Subjects

021110 strategic, defence & security studies, Cloud-based services, business.industry, Computer science, Corporate governance, outsourcing, internal controls and audit process, selective encryption, 0211 other engineering and technologies, Cloud computing, 02 engineering and technology, Audit, Encryption, Computer security, computer.software_genre, Outsourcing, 020204 information systems, Accountability, 0202 electrical engineering, electronic engineering, information engineering, business, Enforcement, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer

Abstract

More and more organizations are today using the cloud for their business as a quite convenient alternative to in-house solutions for storing, processing, and managing data. Cloud-based solutions are then permeating almost all aspects of business organizations, resulting appealing also for functions that, already in-house, may result sensitive or security critical, and whose enforcement in the cloud requires then particular care. In this paper, we provide an approach for securely relying on cloud-based services for the enforcement of Internal Controls and Audit (ICA) functions for corporate governance. Our approach is based on the use of selective encryption and of tags to provide a level of self-protection to data and for enabling only authorized parties to access data and perform operations on them, providing privacy and integrity guarantees, as well as accountability and non-repudiation.

Published

2020

5. Securing Resources in Decentralized Cloud Storage

Author

Pierangela Samarati, Sara Foresti, Stefano Paraboschi, Marco Rosa, Sabrina De Capitani di Vimercati, and Enrico Bacis

Subjects

replication, Computer Networks and Communications, Computer science, availability, Control (management), 0211 other engineering and technologies, Cloud computing, security, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Supply and demand, Resource (project management), Decentralized cloud storage, Resource management, Safety, Risk, Reliability and Quality, 021110 strategic, defence & security studies, business.industry, Economic benefits, secure deletion, slicing and allocation, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, Cloud storage, computer

Abstract

Decentralized cloud storage services represent a promising opportunity for a different cloud market, meeting the supply and demand for IT resources of an extensive community of users. The dynamic and independent nature of the resulting infrastructure introduces security concerns that can represent a slowing factor toward the realization of such an opportunity, otherwise clearly appealing and promising for the expected economic benefits. In this paper, we present an approach enabling resource owners to effectively protect and securely delete their resources while relying on decentralized cloud services for their storage. Our solution combines All-Or-Nothing-Transform for strong resource protection, and carefully designed strategies for slicing resources and for their decentralized allocation in the storage network. We address both availability and security guarantees, jointly considering them in our model and enabling resource owners to control their setting.

Published

2020

6. Empowering Owners with Control in Digital Data Markets

Author

Giovanni Livraga, Sabrina De Capitani di Vimercati, Sara Foresti, and Pierangela Samarati

Subjects

Blockchain, Smart contract, business.industry, Computer science, Digital data, Control (management), Interaction protocol, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Audit process, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Key derivation function, business, Realization (systems), computer

Abstract

We propose an approach for allowing data owners to trade their data in digital data market scenarios, while keeping control over them. Our solution is based on a combination of selective encryption and smart contracts deployed on a blockchain, and ensures that only authorized users who paid an agreed amount can access a data item. We propose a safe interaction protocol for regulating the interplay between a data owner and subjects wishing to purchase (a subset of) her data, and an audit process for counteracting possible misbehaviors by any of the interacting parties. Our solution aims to make a step towards the realization of data market platforms where owners can benefit from trading their data while maintaining control.

Published

2019

7. Data security and privacy in the cloud

Author

Pierangela Samarati, Sabrina De Capitani di Vimercati, Sara Foresti, and Giovanni Livraga

Subjects

020203 distributed computing, 021110 strategic, defence & security studies, business.industry, End user, Computer science, Computation, 0211 other engineering and technologies, Data security, Ranging, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Outsourcing, Cloud provider, 0202 electrical engineering, electronic engineering, information engineering, Data Protection Act 1998, business, computer

Abstract

Relying on the cloud for storing data and performing computations has become a popular solution in today’s society, which demands large data collections and/or analysis over them to be readily available, for example, to make knowledge-based decisions. While bringing undeniable benefits to both data owners and end users accessing the outsourced data, moving to the cloud raises a number of issues, ranging from choosing the most suitable cloud provider for outsourcing to effectively protecting data and computation results. In this paper, we discuss the main issues related to data protection arising when data and/or computations over them are moved to the cloud. We also illustrate possible solutions and approaches for addressing such issues.

Published

2019

8. Protecting Resources and Regulating Access in Cloud-Based Object Storage

Author

Sara Foresti, Marco Rosa, Enrico Bacis, Pierangela Samarati, Stefano Paraboschi, and Sabrina De Capitani di Vimercati

Subjects

Service (business), business.industry, Computer science, Computer Science (all), Data_MISCELLANEOUS, Cloud computing, Theoretical Computer Science, 02 engineering and technology, Client-side, Encryption, Computer security, computer.software_genre, Object storage, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Cloud storage, Server-side

Abstract

Cloud storage services offer a variety of benefits that make them extremely attractive for the management of large amounts of data. These services, however, raise some concerns related to the proper protection of data that, being stored on servers of third party cloud providers, are no more under the data owner control. The research and development community has addressed these concerns by proposing solutions where encryption is adopted not only for protecting data but also for regulating accesses. Depending on the trust assumption on the cloud provider offering the storage service, encryption can be applied at the server side, client side, or through an hybrid approach. The goal of this chapter is to survey these encryption-based solutions and to provide a description of some representative systems that adopt such solutions.

Published

2018

9. Enforcing authorizations while protecting access confidentiality1

Author

Gerardo Pelosi, Sara Foresti, Stefano Paraboschi, Pierangela Samarati, and Sabrina De Capitani di Vimercati

Subjects

0301 basic medicine, 021110 strategic, defence & security studies, Data collection, Computer Networks and Communications, Computer science, business.industry, 0211 other engineering and technologies, Cloud computing, Access control, 02 engineering and technology, Encryption, Computer security, computer.software_genre, 03 medical and health sciences, 030104 developmental biology, Resource (project management), Hardware and Architecture, Scalability, Computer data storage, Confidentiality, Safety, Risk, Reliability and Quality, business, computer, Software

Abstract

Cloud computing is the reference paradigm to provide data storage and management in a convenient and scalable manner. However, moving data to the cloud raises several issues, including the confidentiality of data and of accesses that are no more under the direct control of the data owner. The shuffle index has been proposed as a solution for addressing these issues when data are stored at an external third party. In this paper, we extend the shuffle index with support for access control, that is, for enforcing authorizations on data. Our approach is based on the use of selective encryption and on the organization of data and authorizations in two shuffle indexes. Owners regulate access to their data through authorizations that allow different users to access different portions of the data, while, at the same time, the confidentiality of accesses is guaranteed. The proposed approach also supports update operations over the outsourced data collection (i.e., insertion, removal, and update) as well as of the access control policy (i.e., grant and revoke). Also, our approach protects the nature of each access operation, making revoke operations and resource removal operations indistinguishable by the storing server and/or observing users.

Published

2018

10. Loose associations to increase utility in data publishing1

Author

Pierangela Samarati, Stefano Paraboschi, Sushil Jajodia, Giovanni Livraga, Sabrina De Capitani di Vimercati, and Sara Foresti

Subjects

Computer Networks and Communications, Computer science, Data publishing, computer.software_genre, Information sensitivity, LOOSE ASSOCIATIONS, External storage, Hardware and Architecture, Data mining, Tuple, Safety, Risk, Reliability and Quality, Heuristics, computer, Software

Abstract

Data fragmentation has been proposed as a solution for protecting the confidentiality of sensitive associations when releasing data for publishing or external storage. To enrich the utility of data fragments, a recent approach has put forward the idea of complementing a pair of fragments with some non-precise, hence loose information on the association between them. Starting from the observation that in presence of multiple fragments the publication of several independent associations between pairs of fragments can cause improper leakage of sensitive information, in this paper we extend loose associations to operate over an arbitrary number of fragments.We first illustrate how the publication of multiple loose associations between different pairs of fragments can potentially expose sensitive associations, and describe an approach for defining loose associations among an arbitrary set of fragments. We investigate how tuples in fragments can be grouped for producing loose associations so to increase the utility of queries executed over fragments. We then provide a heuristics for performing such a grouping and producing loose associations satisfying a given level of protection for sensitive associations, while achieving utility for queries over different fragments. We also illustrate the result of an extensive experimental effort over both synthetic and real datasets, which shows the efficiency and the enhanced utility provided by our proposal.

Published

2015

11. Distributed Shuffle Index in the Cloud: Implementation and Evaluation

Author

Pierangela Samarati, Sabrina De Capitani di Vimercati, Sara Foresti, Stefano Paraboschi, Enrico Bacis, and Marco Rosa

Subjects

Risk, Index (economics), EMC ECS, Computer science, Computer Networks and Communications, Distributed computing, Cloud computing, Cryptography, 02 engineering and technology, computer.software_genre, Distributed shuffle index, Artificial Intelligence, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Confidentiality, Astrophysics::Galaxy Astrophysics, Google Cloud Storage, Elastic cloud, Access confidentiality, 020203 distributed computing, Distributed database, business.industry, Amazon S3, OpenStack, Safety, Risk, Reliability and Quality, Hardware and Architecture, 020206 networking & telecommunications, Reliability and Quality, Operating system, Safety, business, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer, Cloud storage

Abstract

The distributed shuffle index strengthens the guarantees of access confidentiality provided by the shuffle index through the distribution of data among three cloud providers. In this paper, we analyze architectural and design issues and describe an implementation of the distributed shuffle index integrated with different cloud providers (i.e., Amazon S3, OpenStack Swift, Google Cloud Storage, and EMC Elastic Cloud Storage). The experimental results obtained with our implementation confirm the protection guarantees provided by the distributed shuffle index and its limited performance overhead, demonstrating its practical applicability in cloud scenarios.

Published

2017

12. Access Control Management for Secure Cloud Storage

Author

Marco Rosa, Pierangela Samarati, Stefano Paraboschi, Enrico Bacis, Sara Foresti, and Sabrina De Capitani di Vimercati

Subjects

Revocation, business.industry, Computer science, attribute revocation, 020206 networking & telecommunications, Cloud computing, Access control, 02 engineering and technology, Computer security, computer.software_genre, Encryption, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Cryptography, Confidentiality, business, Enforcement, Key management, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, Cloud storage, computer, Computer network

Abstract

With the widespread success and adoption of cloud-based solutions, we are witnessing an ever increasing reliance on external providers for storing and managing data. This evolution is greatly facilitated by the availability of solutions - typically based on encryption - ensuring the confidentiality of externally outsourced data against the storing provider itself. Selective application of encryption (i.e., with different keys depending on the authorizations holding on data) provides a convenient approach to access control policy enforcement. Effective realization of such policy-based encryption entails addressing several problems related to key management, access control enforcement, and authorization revocation, while ensuring efficiency of access and deployment with current technology. We present the design and implementation of an approach to realize policy-based encryption for enforcing access control in OpenStack Swift. We also report experimental results evaluating and comparing different implementation choices of our approach.

Published

2017

13. Integrity for join queries in the cloud

Author

Sushil Jajodia, Pierangela Samarati, Stefano Paraboschi, Sabrina De Capitani di Vimercati, and Sara Foresti

Subjects

Correctness, Database, Computer Networks and Communications, business.industry, Computer science, Distributed computing, Cloud computing, Encryption, computer.software_genre, Computer Science Applications, Hardware and Architecture, Server, Join (sigma algebra), Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Software, Information Systems

Abstract

We address the problem of providing users with the ability to assess the integrity of join results produced by external computational providers and computed over externally stored databases. Our approach relies on different mutually supporting techniques offering strong integrity protection guarantees at a limited cost. The application of the approach is completely transparent to the computational provider, against which data and query confidentiality are preserved. The paper introduces our techniques analytically, examining their protection guarantees and performance. It also illustrates experimental results, which confirm the effectiveness and efficiency of our solutions.

Published

2013

14. A Dynamic Tree-Based Data Structure for Access Privacy in the Cloud

Author

Sabrina De Capitani di Vimercati, Sara Foresti, Pierangela Samarati, Stefano Paraboschi, Riccardo Moretti, and Gerardo Pelosi

Subjects

Information privacy, key-based retrieval, Computer Networks and Communications, Computer science, Distributed computing, Cloud computing, 02 engineering and technology, computer.software_genre, Theoretical Computer Science, Access privacy, dynamic data structure, key-based, retrieval binary search tree, Computer security, Server, 0202 electrical engineering, electronic engineering, information engineering, binary search tree, 020203 distributed computing, Settore INF/01 - Informatica, Database, business.industry, Privacy software, Computational Theory and Mathematics, Software, 020206 networking & telecommunications, Data structure, Tree (data structure), Binary search tree, Key (cryptography), Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer

Abstract

We present a novel approach for guaranteeing access privacy to data stored at an external cloud provider. Our solution relies on the grouping of resources into buckets then organized with a binary search tree. The tree is built on an index computed in a non-invertible non-order preserving way, and supports efficient key-based retrieval. Our approach to provide access privacy builds on this data organization providing uniform observability to the server in access execution and dynamically changing not only the physical storage allocation, but also the logical structure itself. Our analysis and experimental evaluation show the effectiveness of our approach.

Published

2016

15. Efficient integrity checks for join queries in the cloud1

Author

Sara Foresti, Stefano Paraboschi, Pierangela Samarati, Sabrina De Capitani di Vimercati, and Sushil Jajodia

Subjects

Database, Computer Networks and Communications, business.industry, Computer science, Joins, 020206 networking & telecommunications, Context (language use), Cloud computing, 02 engineering and technology, computer.software_genre, Computer security, Variety (cybernetics), Data access, Hardware and Architecture, 020204 information systems, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), Confidentiality, Safety, Risk, Reliability and Quality, business, computer, Software

Abstract

Cloud computing is receiving massive interest from users and companies for its convenient support of scalable access to data and services. The variety and diversification of offers by cloud providers allow users to selectively adopt storage and computational services as they best suit their needs, including cost saving considerations. In such an open context, security remains a major concern, as confidentiality and integrity of data and queries over them can be at risk. In this paper, we present efficient techniques to verify the integrity of join queries computed by potentially untrusted cloud providers, while also protecting data and computation confidentiality. Our techniques support joins among multiple data sources and introduce a limited overhead in query computation, enabling also economical savings, as the ability to assess integrity increases the spectrum of offers that can be considered for performing the computation. Formal analysis and experimental evaluations confirm the effectiveness and efficiency of our solutions.

Published

2016

16. Cryptology and Network Security

Author

Giuseppe Persiano and Sara Foresti

Subjects

Network security, business.industry, Computer science, Cryptography, business, Computer security, computer.software_genre, computer

Published

2016

17. Access Control for the Shuffle Index

Author

Sabrina De Capitani di Vimercati, Gerardo Pelosi, Pierangela Samarati, Stefano Paraboschi, Sara Foresti, Università degli Studi di Milano [Milano] (UNIMI), Università degli studi di Bergamo (UniBG), Politecnico di Milano [Milan] (POLIMI), Università degli Studi di Milano, Silvio Ranise, Vipin Swarup, TC 11, and WG 11.3

Subjects

Index (economics), Database, business.industry, Computer science, Computer Science (all), Authorization, 020206 networking & telecommunications, Access control, 02 engineering and technology, Theoretical Computer Science, computer.software_genre, Encryption, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Confidentiality, [INFO]Computer Science [cs], Computer Security, business, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer

Abstract

Part 3: Access Control; International audience; The shuffle index provides confidentiality guarantees for accesses to externally outsourced data. In this paper, we extend the shuffle index with support for access control, that is, for enforcing authorizations on data. Our approach bases on the use of selective encryption and on the organization of data and authorizations in two shuffle indexes. Our proposal enables owners to regulate access to their data supporting authorizations allowing different users access to different portions of the data, while at the same time guaranteeing confidentiality of access.

Published

2016

18. Practical Techniques Building on Encryption for Protecting and Managing Data in the Cloud

Author

Giovanni Livraga, Sabrina De Capitani di Vimercati, Pierangela Samarati, and Sara Foresti

Subjects

0301 basic medicine, business.industry, Computer science, Reliability (computer networking), Cloud computing, Cryptography, 0102 computer and information sciences, Computer security, computer.software_genre, Encryption, 01 natural sciences, 03 medical and health sciences, 030104 developmental biology, 010201 computation theory & mathematics, Scalability, Data Protection Act 1998, Confidentiality, business, computer, Access structure

Abstract

Companies as well as individual users are adopting cloud solutions at an over-increasing rate for storing data and making them accessible to others. While migrating data to the cloud brings undeniable benefits in terms of data availability, scalability, and reliability, data protection is still one of the biggest concerns faced by data owners. Guaranteeing data protection means ensuring confidentiality and integrity of data and computations over them, and ensuring data availability to legitimate users. In this chapter, we survey some approaches for protecting data in the cloud that apply basic cryptographic techniques, possibly complementing them with additional controls, to the aim of producing efficient and effective solutions that can be used in practice.

Published

2016

19. DATA PRIVACY: DEFINITIONS AND TECHNIQUES

Author

Giovanni Livraga, Sabrina De Capitani di Vimercati, Sara Foresti, and Pierangela Samarati

Subjects

Value (ethics), Information privacy, Privacy by Design, Privacy software, Computer science, Computer security, computer.software_genre, Task (project management), Artificial Intelligence, Control and Systems Engineering, Data Protection Act 1998, computer, Software, Information Systems, Anonymity

Abstract

The proper protection of data privacy is a complex task that requires a careful analysis of what actually has to be kept private. Several definitions of privacy have been proposed over the years, from traditional syntactic privacy definitions, which capture the protection degree enjoyed by data respondents with a numerical value, to more recent semantic privacy definitions, which take into consideration the mechanism chosen for releasing the data. In this paper, we illustrate the evolution of the definitions of privacy, and we survey some data protection techniques devised for enforcing such definitions. We also illustrate some well-known application scenarios in which the discussed data protection techniques have been successfully used, and present some open issues.

Published

2012

20. Integrating trust management and access control in data-intensive Web applications

Author

Sara Foresti, Pierangela Samarati, Stefano Paraboschi, Sabrina De Capitani di Vimercati, Sushil Jajodia, and Giuseppe Psaila

Subjects

Trust management, relational databases, access control, medicine.medical_specialty, Web development, Computer Networks and Communications, Computer science, 02 engineering and technology, Web engineering, computer.software_genre, World Wide Web, 020204 information systems, Web design, 0202 electrical engineering, electronic engineering, information engineering, medicine, Trust management (information system), Data Web, business.industry, 020206 networking & telecommunications, Web application security, Web service, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Web modeling

Abstract

The widespread diffusion of Web-based services provided by public and private organizations emphasizes the need for a flexible solution for protecting the information accessible through Web applications. A promising approach is represented by credential-based access control and trust management. However, although much research has been done and several proposals exist, a clear obstacle to the realization of their benefits in data-intensive Web applications is represented by the lack of adequate support in the DBMSs. As a matter of fact, DBMSs are often responsible for the management of most of the information that is accessed using a Web browser or a Web service invocation. In this article, we aim at eliminating this gap, and present an approach integrating trust management with the access control of the DBMS. We propose a trust model with a SQL syntax and illustrate an algorithm for the efficient verification of a delegation path for certificates. Our solution nicely complements current trust management proposals allowing the efficient realization of the services of an advanced trust management model within current relational DBMSs. An important benefit of our approach lies in its potential for a robust end-to-end design of security for personal data in Web scenario, where vulnerabilities of Web applications cannot be used to violate the protection of the data residing on the database server. We also illustrate the implementation of our approach within an open-source DBMS discussing design choices and performance impact.

Published

2012

21. Authorization enforcement in distributed query evaluation*

Author

Stefano Paraboschi, Sara Foresti, Sushil Jajodia, Sabrina De Capitani di Vimercati, and Pierangela Samarati

Subjects

safe query planning, distributed query evaluation, Computer Networks and Communications, View, Computer science, 02 engineering and technology, Query optimization, computer.software_genre, Query plan, Query expansion, Web query classification, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Query by Example, Safety, Risk, Reliability and Quality, computer.programming_language, Database, authorized views, 16. Peace & justice, Hardware and Architecture, 020201 artificial intelligence & image processing, Sargable, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer, Software, RDF query language

Abstract

We present a simple, yet powerful, approach for the specification and enforcement of authorizations regulating data release among data holders collaborating in a distributed computation, to ensure that query processing discloses only data whose release has been explicitly authorized. Data disclosure is captured by means of profiles, associated with each data computation, that describe the information carried by a base or a derived (i.e., computed by a query) relation. We present an algorithm that, given a query plan, determines whether it can be safely executed and produces a safe execution strategy for it. For each operation in a safe query plan, the algorithm determines the server(s) responsible for the execution, based on the entailed information flows, considering different strategies for the execution of joins. Finally, we discuss the architecture of a distributed database system based on the proposed model, illustrating possible design choices and their impact.

Published

2011

22. Shuffle Index: efficient and private access to outsourced data

Author

Pierangela Samarati, Gerardo Pelosi, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Sara Foresti

Subjects

Computer science, Control (management), design, Cloud computing, USable, Computer security, computer.software_genre, content confidentiality, Index structure, Outsourcing, Security, management, Shuffle index, private access, access confidentiality, pattern confidentiality, Performance costs, Outsourced datum, Confidentiality, Structure (mathematical logic), Shuffling, business.industry, Index (publishing), Hardware and Architecture, B+-trees, Design, Management, Data outsourcing, business, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer

Abstract

Data outsourcing and cloud computing have been emerging at an ever-growing rate as successful approaches for allowing users and companies to rely on external services for storing and managing data. As data and access to them are not under the control of the data owner, there is a clear need to provide proper confidentiality protection. Such requirements concern the confidentiality not only of the stored data (content) but also of the specific accesses (or patterns of them) that users make on such data. In this article, we address these issues and propose an approach for guaranteeing content, access, and pattern confidentiality in a data outsourcing scenario. The proposed solution is based on the definition of a shuffle index structure, which adapts traditional B +-trees and, by applying a combination of techniques (covers, caches, and shuffling), ensures confidentiality of the data and of queries over them, protecting each single access as well as sequences thereof. The proposed solution also supports update operations over the data, while making reads and writes not recognizable as such by the server. We show that the shuffle index exhibits a limited performance cost, thus resulting effectively usable in practice.

Published

2015

23. Selective and Private Access to Outsourced Data Centers

Author

Pierangela Samarati, Giovanni Livraga, Sabrina De Capitani di Vimercati, and Sara Foresti

Subjects

business.industry, Computer science, Internet privacy, Information technology, Access control, Cloud computing, 0102 computer and information sciences, 02 engineering and technology, Bloom filter, Computer security, computer.software_genre, Encryption, 01 natural sciences, Outsourcing, 010201 computation theory & mathematics, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Confidentiality, business, computer, Server-side

Abstract

The advancements in the Information Technology and the rapid diffusion of novel computing paradigms have accelerated the trend of moving data to the cloud. Public and private organizations are more often outsourcing their data centers to the cloud for economic and/or performance reasons, thus making data confidentiality an essential requirement. A basic technique for protecting data confidentiality relies on encryption: data are encrypted by the owner before their outsourcing. Encryption however complicates both the query evaluation and enforcement of access restrictions to outsourced data. In this chapter, we provide an overview of the issues and techniques related to the support of selective and private access to outsourced data in a scenario where the cloud provider is trusted for managing the data but not for reading their content. We therefore illustrate methods for enforcing access control and for efficiently and privately executing queries (at the server side) over encrypted data. We also show how the combined adoption of approaches supporting access control and for efficient query evaluation may cause novel privacy issues that need to be carefully handled.

Published

2015

24. Protecting Access Confidentiality with Data Distribution and Swapping

Author

Stefano Paraboschi, Gerardo Pelosi, Pierangela Samarati, Sara Foresti, and Sabrina De Capitani di Vimercati

Subjects

Access confidentiality, Distributed database, Data distribution, Computer science, business.industry, Computer Networks and Communications, Node (networking), Cryptography, Encryption, Data structure, Computer security, computer.software_genre, Swapping, Software, Server, Confidentiality, business, Resource management (computing), Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer, Computer network

Abstract

The protection of the confidentiality of outsourced data is an important problem. A critical aspect is the ability to efficiently access data that are stored in an encrypted format, without giving to the server managing access requests the ability to infer knowledge about the data content of the access executed by the clients. The approaches that have been proposed to solve this problem rely on a continuous rewriting and re-encryption of the accessed data, like the shuffle index that has recently been proposed. We here propose a different approach that uses three independent servers to manage the data structure. The use of three servers is motivated by the increased protection that derives from the use of independent servers compared to the use of a single server. The protection shows to increase in a significant way if a constraint is introduced that at every request an accessed node has to be moved to a different server. The use of three servers permits to keep the accessed data protected even when the servers collude. The protection is evaluated with a probabilistic model that estimates the loss of information that derives from the application of the technique.

Published

2015

25. Security and Trust Management

Author

Sara Foresti

Subjects

Cloud computing security, Certified Information Security Manager, Information security management, Security service, Security convergence, Trust management (information system), Security management, Business, Computer security, computer.software_genre, computer, Security information and event management

Published

2015

26. Data Protection in Cloud Scenarios

Author

Sara Foresti, Pierangela Samarati, and Sabrina De Capitani di Vimercati

Subjects

Geography, Settore INF/01 - Informatica, business.industry, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Data Protection Act 1998, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, business, Computer security, computer.software_genre, computer

Abstract

We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges.

Published

2015

27. Three-server swapping for access confidentiality

Author

Sabrina De Capitani di Vimercati, Gerardo Pelosi, Sara Foresti, Stefano Paraboschi, and Pierangela Samarati

Subjects

Computer Networks and Communications, Computer science, 0211 other engineering and technologies, Cloud computing, 02 engineering and technology, Encryption, Computer security, computer.software_genre, content confidentiality, Server, distributed swapping, 0202 electrical engineering, electronic engineering, information engineering, access confidentiality, Confidentiality, pattern confidentiality, 020203 distributed computing, 021110 strategic, defence & security studies, business.industry, Node (networking), Computer Science Applications1707 Computer Vision and Pattern Recognition, 16. Peace & justice, Data structure, Shuffle index, Software, Information Systems, Hardware and Architecture, Computer Science Applications, Collusion, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, Resource management (computing), computer

Abstract

We propose an approach to protect confidentiality of data and accesses to them when data are stored and managed by external providers, and hence not under direct control of their owner. Our approach is based on the use of distributed data allocation among three independent servers and on a dynamic re-allocation of data at every access. Dynamic re-allocation is enforced by swapping data involved in an access across the servers in such a way that accessing a given node implies re-allocating it to a different server, then destroying the ability of servers to build knowledge by observing accesses. The use of three servers provides uncertainty, to the eyes of the servers, of the result of the swapping operation, even in presence of collusion among them.

Published

2015

28. Optimizing Integrity Checks for Join Queries in the Cloud

Author

Sara Foresti, Sabrina De Capitani di Vimercati, Pierangela Samarati, Sushil Jajodia, Stefano Paraboschi, Università degli Studi di Milano [Milano] (UNIMI), George Mason University [Fairfax], Università di Bergamo, David Hutchison, Takeo Kanade, Bernhard Steffen, Demetri Terzopoulos, Doug Tygar, Gerhard Weikum, Vijay Atluri, Günther Pernul, Josef Kittler, Jon M. Kleinberg, Alfred Kobsa, Friedemann Mattern, John C. Mitchell, Moni Naor, Oscar Nierstrasz, C. Pandu Rangan, TC 11, and WG 11.3

Subjects

business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Limiting, Computer security, computer.software_genre, Variety (cybernetics), Overhead (business), If and only if, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Diversity (business)

Abstract

International audience; The large adoption of the cloud paradigm is introducing more and more scenarios where users can access data and services with an unprecedented convenience, just relying on the storage and computational power offered by external providers. Also, users can enjoy a diversity and variety of offers, with the possibility of choosing services by different providers as they best suit their needs. With the growth of the market, economic factors have become one of the crucial aspects in the choice of services. However, security remains a major concern and users will be free to actually benefit from the diversity and variety of such offers only if they can also have proper security guarantees on the services. In this paper, we build upon a recent proposal for assessing integrity of computations performed by potentially untrusted providers introducing some optimizations, thus limiting the overhead to be paid for integrity guarantees, and making it suitable to more scenarios.

Published

2014

29. Fragmentation in presence of data dependencies

Author

Sushil Jajodia, Sara Foresti, Giovanni Livraga, Pierangela Samarati, Stefano Paraboschi, and Sabrina De Capitani di Vimercati

Subjects

Computer science, Information leakage, Scalability, Fragmentation (computing), Data Protection Act 1998, Confidentiality, Data mining, Electrical and Electronic Engineering, computer.software_genre, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer, Data modeling

Abstract

Fragmentation has been recently proposed as a promising approach to protect the confidentiality of sensitive associations whenever data need to undergo external release or storage. By splitting attributes among different fragments, fragmentation guarantees confidentiality of the associations among these attributes under the assumption that such associations cannot be reconstructed by re-combining the fragments. We note that the requirement that fragments do not have attributes in common, imposed by previous proposals, is only a necessary, but not sufficient, condition to ensure that information in different fragments cannot be recombined as dependencies may exist among data enabling some form of linkability. In this paper, we identify the problem of improper information leakage due to data dependencies, provide a formulation of the problem based on a natural graphical modeling, and present an approach to tackle it in an efficient and scalable way.

Published

2014

30. On information leakage by indexes over data fragments

Author

S. De Capitani di Vimercati, S. Paraboschi, Sara Foresti, Pierangela Samarati, and Sushil Jajodia

Subjects

021110 strategic, defence & security studies, Information privacy, business.industry, Computer science, Search engine indexing, 0211 other engineering and technologies, Fragmentation (computing), Cryptography, 02 engineering and technology, computer.software_genre, Encryption, 020204 information systems, Information leakage, 0202 electrical engineering, electronic engineering, information engineering, Confidentiality, Data mining, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer

Abstract

Data fragmentation has recently emerged as a complementary approach to encryption for protecting confidentiality of sensitive associations when storing data at external parties. In this paper, we discuss how the use of indexes, typically associated with the encrypted portion of the data, while desirable for providing effectiveness and efficiency in query execution, can - combined with fragmentation - cause potential leakage of confidential (encrypted or fragmented) information. We illustrate how the exposure to leakage varies depending on the kind of indexes. Such observations can result useful for the design of approaches assessing information exposure and for the definition of safe (free from inferences) indexes in fragmented data.

Published

2013

31. Enforcing dynamic write privileges in data outsourcing

Author

Sushil Jajodia, Pierangela Samarati, Sara Foresti, Sabrina De Capitani di Vimercati, Giovanni Livraga, and Stefano Paraboschi

Subjects

Data outsourcing, data protection, write authorization enforcement, policy updates, data integrity, General Computer Science, Computer science, Hash function, 02 engineering and technology, computer.software_genre, Encryption, Computer security, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key derivation function, Enforcement, Database, business.industry, Authorization, 020206 networking & telecommunications, Data sharing, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, Law, computer

Abstract

Users and companies are more and more resorting to external providers for storing their data and making them available to others. Since data sharing is typically selective (i.e., accesses to certain data should be allowed only to authorized users), there is the problem of enforcing authorizations on the outsourced data. Recently proposed approaches based on selective encryption provide convenient enforcement of read privileges, but are not directly applicable for supporting write privileges. In this paper, we extend selective encryption approaches to the support of write privileges. Our proposal enriches the approach based on key derivation of existing solutions and complements it with a hash-based approach for supporting write privileges. Enforcement of write privileges and of possible policy updates relies on the - controlled - cooperation of the external provider. Our solution also allows the data owner and the users to verify the integrity of the outsourced data.

Published

2013

32. 12th workshop on privacy in the electronic society (WPES 2013)

Author

Sara Foresti

Subjects

Information privacy, Information and Communications Technology, Computer science, Computer security, computer.software_genre, computer

Abstract

The evolution of the Information and Communication Technology (ICT) has radically changed our lives, making information available from anywhere at any time through different kinds of devices. The advantage of the growing availability of computational power and connectivity resources at low prices is the easiness of collecting, sharing, processing, and accessing information. This advantage however does not come for free as it introduces unprecedented privacy risks. The attention toward these problems is growing every day and the need for privacy-aware policies, regulations, and techniques has been widely recognized. WPES is a yearly forum, this year at its 12th edition, that brings together researchers and practitioners interested in discussing the privacy issues characterizing our global and interconnected society.

Published

2013

33. Extending loose associations to multiple fragments

Author

Sara Foresti, Stefano Paraboschi, Sabrina De Capitani di Vimercati, Sushil Jajodia, Pierangela Samarati, Giovanni Livraga, Università degli Studi di Milano [Milano] (UNIMI), George Mason University [Fairfax], Università degli studi di Bergamo (UniBG), Lingyu Wang, Basit Shafiq, TC 11, and WG 11.3

Subjects

Loose associations, fragmentation, confidentiality constraints, privacy, data publishing, Information retrieval, Computer science, Fragmentation (computing), 02 engineering and technology, computer.software_genre, LOOSE ASSOCIATIONS, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Data mining, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, computer

Abstract

Part 1: Privacy I; International audience; Data fragmentation has been proposed as a solution for protecting the confidentiality of sensitive associations when publishing data at external servers. To enrich the utility of the published fragments, a recent approach has put forward the idea of complementing them with loose associations, a sanitized form of the sensitive associations broken by fragmentation. The original proposal considers fragmentations composed of two fragments only, and supports the definition of a loose association between this pair of fragments. In this paper, we extend loose associations to multiple fragments. We first illustrate how the publication of multiple loose associations between pairs of fragments of a generic fragmentation can potentially expose sensitive associations. We then describe an approach for supporting the more general case of publishing a loose association among an arbitrary set of fragments.

Published

2013

34. Distributed Shuffling for Preserving Access Confidentiality

Author

Gerardo Pelosi, Sara Foresti, Pierangela Samarati, Stefano Paraboschi, and Sabrina De Capitani di Vimercati

Subjects

Index (economics), Computer science, 0102 computer and information sciences, 02 engineering and technology, information systems, Computer security, computer.software_genre, 01 natural sciences, Outsourcing, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, e-Commerce/e-business, Confidentiality, data encryption, Computer Science::Cryptography and Security, Shuffling, business.industry, management of computing, Systems and data security, 010201 computation theory & mathematics, computer communication networks, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, computer, Computer network

Abstract

The shuffle index has been recently proposed for organizing and accessing data in outsourcing scenarios while protecting the confidentiality of the data as well as of the accesses to them. In this paper, we extend the shuffle index to the use of multiple servers for storing data, introducing a new protection technique (shadow) and enriching the original ones by operating in a distributed scenario. Our distributed shuffle index produces a significant increase in the protection of the system, with no additional costs.

Published

2013

35. Enforcing Subscription-Based Authorization Policies in Cloud Scenarios

Author

Sabrina De Capitani di Vimercati, Giovanni Livraga, Sara Foresti, Sushil Jajodia, Università degli Studi di Milano-Bicocca [Milano] (UNIMIB), George Mason University [Fairfax], Nora Cuppens-Boulahia, Frédéric Cuppens, Joaquin Garcia-Alfaro, TC 11, and WG 11.3

Subjects

021110 strategic, defence & security studies, Service (systems architecture), business.industry, Download, media_common.quotation_subject, 0211 other engineering and technologies, access control, Access control, Cloud computing, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Information and Communications Technology, subscription-based policies, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, data outsourcing, Key derivation function, Quality (business), [INFO]Computer Science [cs], business, computer, media_common

Abstract

Part 9: Cloud Computing; International audience; The rapid advances in the Information and Communication Technologies have brought to the development of on-demand high quality applications and services allowing users to easily access resources anywhere anytime. Users can pay for a service and access the resources made available during their subscriptions until the subscribed periods expire. Users are then forced to download such resources if they want to access them also after the subscribed periods. To avoid this burden to the users, we propose the adoption of a subscription-based access control policy that combines a flexible key derivation structure with selective encryption. The publication of new resources as well as the management of subscriptions are accommodated by adapting the key derivation structure in a transparent way for the users.

Published

2012

36. Support for Write Privileges on Outsourced Data

Author

Pierangela Samarati, Stefano Paraboschi, Sabrina De Capitani di Vimercati, Sushil Jajodia, Sara Foresti, Dipartimento di Informatica, Università degli Studi di Milano [Milano] (UNIMI), Center for Secure Information Systems [Fairfax], George Mason University [Fairfax], Ingegneria dell'Informazione e Metodi Matematici (DIMM), Università degli studi di Bergamo (UniBG), Dimitris Gritzalis, Steven Furnell, and Marianthi Theoharidou

Subjects

data protection, authorization management, business.industry, Computer science, Data management, Internet privacy, Authorization, 02 engineering and technology, Outsourcing, Computer security, computer.software_genre, 020204 information systems, Research community, Data outsourcing, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], 020201 artificial intelligence & image processing, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, business, Enforcement, computer, Dissemination

Abstract

Part 5: Database Security; International audience; In the last years, data outsourcing has received an increasing attention by the research community thanks to the benefits that it brings in terms of data management. A basic requirement in such a scenario is that outsourced data be made accessible only to authorized users, that is, no unauthorized party (including the storing server) should have access to the data. While existing proposals provide a sound basis for addressing such a need with respect to data dissemination (i.e., enforcement of read authorizations), they fall short on the support of write authorizations.In this paper we address such an open problem and present an approach to enforce write privileges over outsourced data. Our work nicely extends and complements existing solutions, and exploiting key derivation tokens, hashing, and HMAC functions provides efficient and effective controls.

Published

2012

37. Computer Security – ESORICS 2012

Author

Fabio Martinelli, Moti Yung, and Sara Foresti

Subjects

Computer science, 0202 electrical engineering, electronic engineering, information engineering, 020206 networking & telecommunications, 020201 artificial intelligence & image processing, 02 engineering and technology, Computer security, computer.software_genre, computer

Published

2012

38. Private data indexes for selective access to outsourced data

Author

Pierangela Samarati, Sara Foresti, Sushil Jajodia, Sabrina De Capitani di Vimercati, and Stefano Paraboschi

Subjects

Database, business.industry, Computer science, Search engine indexing, Combined use, Plaintext, Encryption, computer.software_genre, Computer security, Confidentiality protection, Data Protection Act 1998, Overhead (computing), business, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, Cloud storage, computer

Abstract

Cloud storage services have recently emerged as a successful approach for making resources conveniently available to large communities of users. Several techniques have been investigated for enabling such services, including encryption for ensuring data protection, as well as indexing for enabling efficient query execution on encrypted data. When data are to be made available selectively, the combined use of the two techniques must be handled with care, since indexes can put the confidentiality protection guaranteed by encryption at risk.In this paper, we investigate this issue and propose an indexing technique for supporting efficient access to encrypted data while preventing possible disclosure of data to users not authorized to access them. Intuitively, our indexing technique accounts for authorizations when producing indexes so to ensure that different occurrences of the same plaintext value, but accessible by different sets of users, be not recognizable from their indexes. We show that our solution exhibits a limited performance overhead in query evaluation, while preventing leakage of information.

Published

2011

39. Supporting concurrency in private data outsourcing

Author

Sara Foresti, Pierangela Samarati, Gerardo Pelosi, Stefano Paraboschi, and Sabrina De Capitani di Vimercati

Subjects

business.industry, Computer science, Concurrency, Dynamic data, Service management, 020206 networking & telecommunications, Differential (mechanical device), 02 engineering and technology, Data structure, Encryption, Computer security, computer.software_genre, Outsourcing, Index (publishing), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Settore ING-INF/05 - Sistemi di Elaborazione delle Informazioni, INF, business, computer

Abstract

With outsourcing emerging as a successful paradigm for delegating data and service management to third parties, the problem of guaranteeing proper privacy protection against the external server is becoming more and more important. Recent promising solutions for ensuring privacy in such scenarios rely on the use of encryption and on the dynamic allocation of encrypted data to memory blocks for destroying the otherwise static relationship between data and blocks in which they are stored. However, dynamic data allocation implies the need to re-write blocks at every read access, thus requesting exclusive locks that can affect concurrency. In this paper we present an approach that provides support for concurrent accesses to dynamically allocated encrypted data. Our solution relies on the use of multiple differential versions of the data index that are periodically reconciled and applied to the main data structure. We show how the use of such differential versions guarantees privacy while effectively supporting concurrent accesses thus considerably increasing the performance of the system.

Published

2011

40. Selective Encryption to Enforce Access Control

Author

Sara Foresti

Subjects

Exploit, business.industry, Computer science, Data outsourcing, Authorization, Access control, Context (language use), Encryption, business, Computer security, computer.software_genre, Enforcement, computer

Abstract

Data outsourcing is emerging today as a successful paradigm allowing users and organizations to exploit external services for the distribution of resources. A crucial problem to be addressed in this context concerns the enforcement of selective authorization policies and the support of policy updates in dynamic scenarios.

Published

2010

41. Combining Fragmentation and Encryption to Protect Data Privacy

Author

Sara Foresti

Subjects

Information privacy, Computer science, business.industry, Fragmentation (computing), Confidentiality, Encryption, business, Computer security, computer.software_genre, computer

Abstract

Traditional solutions for granting data privacy rely on encryption. However, dealing with encrypted data makes query processing expensive. In this chapter, we propose a solution to enforce privacy over data collections combining data fragmentation with encryption.We model privacy requirements as confidentiality constraints expressing the sensitivity of the content of single attributes and of their associations. We then use encryption as an underlying (conveniently available) measure for making data unintelligible, while exploiting fragmentation to break sensitive associations among attributes. We introduce both exact and heuristic algorithms computing a fragmentation that tries to minimize the impact of fragmentation on query efficiency

Published

2010

42. Distributed Query Processing under Safely Composed Permissions

Author

Sara Foresti

Subjects

Database, Computer science, business.industry, Execution plan, Database schema, Access control, computer.software_genre, Query optimization, Query plan, Schema (psychology), Server, Graph coloring, business, computer

Abstract

The integration of information sources detained by distinct parties, either for security or efficiency reasons, is becoming of great interest. A crucial issue in this scenario is the definition of mechanisms for the integration that correctly satisfy the commercial and business policies of the organization owning the data. In this chapter, we propose a new model based on the characterization of access privileges for a set of servers on the components of a relational schema. The proposed approach is based on three concepts: i) flexible permissions identify portions of the data being authorized, ii) relations are checked for release not with respect to individual authorizations but rather evaluating whether the information release they (directly or indirectly) entail is allowed by the permissions, and iii) each basic operation necessary for query evaluation entails different data exchanges among the servers. Access control is effectively modeled and efficiently executed in terms of graph coloring and composition. The query execution plan is checked against privileges to evaluate if it can or cannot be exploited for query evaluation.

Published

2010

43. Minimizing Disclosure of Private Information in Credential-based Interactions: A Graph-based Approach

Author

Sabrina De Capitani di Vimercati, Sara Foresti, Stefano Paraboschi, Claudio Agostino Ardagna, and Pierangela Samarati

Subjects

021110 strategic, defence & security studies, Computer science, business.industry, 0211 other engineering and technologies, Graph theory, 02 engineering and technology, Computer security, computer.software_genre, Credential, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, ComputingMilieux_COMPUTERSANDSOCIETY, Graph (abstract data type), The Internet, Web resource, Project portfolio management, business, Private information retrieval, computer, Computer network

Abstract

We address the problem of enabling clients to regulate disclosure of their credentials and properties when interacting with servers in open scenarios. We provide a means for clients to specify the sensitivity of information in their portfolio at a fine-grain level and to determine the credentials and properties to disclose to satisfy a server request while minimizing the sensitivity of the information disclosed. Exploiting a graph modeling of the problem, we develop a heuristic approach for determining a disclosure minimizing released information, that offers execution times compatible with the requirements of interactive access to Web resources.

Published

2010

44. Fine-grained disclosure of access policies

Author

Mario Verdicchio, Franz-Stefan Preiss, Pierangela Samarati, Claudio Agostino Ardagna, Stefano Paraboschi, Sabrina De Capitani di Vimercati, Sara Foresti, and Gregory Neven

Subjects

021110 strategic, defence & security studies, Computer access control, SIMPLE (military communications protocol), Computer science, business.industry, 0211 other engineering and technologies, Access control, 02 engineering and technology, Limiting, Certification, Computer security, computer.software_genre, 020202 computer hardware & architecture, Server, 0202 electrical engineering, electronic engineering, information engineering, Role-based access control, business, computer, Computer network

Abstract

In open scenarios, where servers may receive requests to access their services from possibly unknown clients, access control is typically based on the evaluation of (certified or uncertified) properties, that clients can present. Since assuming the client to know a-priori the properties she should present to acquire access is clearly limiting, servers should be able to respond to client requests with information on the access control policies regulating access to the requested services. In this paper, we present a simple, yet flexible and expressive, approach for allowing servers to specify disclosure policies, regulating if and how access control policies on services can be communicated to clients. Our approach allows fine-grain specifications, thus capturing different ways in which policies, and portions thereof, can be communicated. We also define properties that can characterize the client view of the access control policy.

Published

2010

45. Data and Applications Security and Privacy XXIV

Author

Sara Foresti and Sushil Jajodia

Subjects

060201 languages & linguistics, Cloud computing security, Computer science, business.industry, Privacy software, Internet privacy, Data security, 06 humanities and the arts, 02 engineering and technology, Information security, Computer security model, Computer security, computer.software_genre, Security information and event management, Security service, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer

Published

2010

46. Managing key hierarchies for access control enforcement: Heuristic approaches

Author

Stelvio Cimato, Sara Foresti, Pierangela Samarati, Stefano Paraboschi, Alfredo De Santis, Sabrina De Capitani di Vimercati, and Carlo Blundo

Subjects

021110 strategic, defence & security studies, General Computer Science, Computer access control, business.industry, Computer science, Heuristic, 0211 other engineering and technologies, Access control, 0102 computer and information sciences, 02 engineering and technology, Encryption, Computer security, computer.software_genre, 01 natural sciences, 010201 computation theory & mathematics, Server, Key derivation function, business, Law, computer

Abstract

Data outsourcing is emerging today as a successful paradigm allowing individuals and organizations to resort to external servers for storing their data, and sharing them with others. The main problem of this trend is that sensitive data are stored on a site that is not under the data owner's direct control. This scenario poses a major security problem since often the external server is relied upon for ensuring high availability of the data, but it is not authorized to read them. Data need therefore to be encrypted. In such a context, the application of an access control policy requires different data to be encrypted with different keys so to allow the external server to directly enforce access control and support selective dissemination and access. The problem therefore emerges of designing solutions for the efficient management of an encryption policy enforcing access control, with the goal of minimizing the number of keys to be maintained by the system and distributed to users. In this paper, we prove that the problem of minimizing the number of keys is NP-hard and present alternative approaches for its solution. We first formulate the minimization problem as an instance of an integer linear programming problem and then propose three different families of heuristics, which are based on a key derivation tree exploiting the relationships among user groups. Finally, we experimentally evaluate the performance of our heuristics, comparing them with previous approaches.

Published

2010

47. Encryption policies for regulating access to outsourced data

Author

Sara Foresti, Stefano Paraboschi, Sabrina De Capitani di Vimercati, Pierangela Samarati, and Sushil Jajodia

Subjects

Computer access control, business.industry, Computer science, Information access, 020206 networking & telecommunications, Access control, Cryptography, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Outsourcing, Information sensitivity, 020204 information systems, Formal specification, 0202 electrical engineering, electronic engineering, information engineering, business, computer, Information Systems

Abstract

Current access control models typically assume that resources are under the strict custody of a trusted party which monitors each access request to verify if it is compliant with the specified access control policy. There are many scenarios where this approach is becoming no longer adequate. Many clear trends in Web technology are creating a need for owners of sensitive information to manage access to it by legitimate users using the services of honest but curious third parties, that is, parties trusted with providing the required service but not authorized to read the actual data content. In this scenario, the data owner encrypts the data before outsourcing and stores them at the server. Only the data owner and users with knowledge of the key will be able to decrypt the data. Possible access authorizations are to be enforced by the owner. In this article, we address the problem of enforcing selective access on outsourced data without need of involving the owner in the access control process. The solution puts forward a novel approach that combines cryptography with authorizations, thus enforcing access control via selective encryption . The article presents a formal model for access control management and illustrates how an authorization policy can be translated into an equivalent encryption policy while minimizing the amount of keys and cryptographic tokens to be managed. The article also introduces a two-layer encryption approach that allows the data owner to outsource, besides the data, the complete management of the authorization policy itself, thus providing efficiency and scalability in dealing with policy updates. We also discuss experimental results showing that our approach is able to efficiently manage complex scenarios.

Published

2010

48. Encryption-based policy enforcement for cloud storage

Author

Pierangela Samarati, Gerardo Pelosi, Sara Foresti, S. De Capitani di Vimercati, Sushil Jajodia, and S. Paraboschi

Subjects

Service (business), Access control policies, business.industry, Computer science, Internet privacy, Client-side encryption, 020206 networking & telecommunications, Access control, Cloud computing, 02 engineering and technology, Policy enforcement, Service provider, Computer security, computer.software_genre, Encryption, Access control policies, Authorization management, Policy enforcement, Service provider, User-generated content, Authorization management, External storage, User-generated content, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Cloud storage

Abstract

Nowadays, users are more and more exploiting external storage and connectivity for sharing and disseminating user-generated content. To this aim, they can benefit of the services offered by Internet companies, which however assume that the service provider is entitled to access the resources. To overcome this limitation, we present an approach that does not require complete trust in the external service w.r.t. both resource content and authorization management, while at the same time allowing users to delegate to the provider the enforcement of the access control policy on their resources. Our solution relies on the translation of the access control policy into an equivalent encryption policy on resources and on a hierarchical key structure that limits both the number of keys to be maintained and the amount of encryption to be enforced.

Published

2010

49. Supporting privacy preferences in credential-based interactions

Author

Sara Foresti, Claudio Agostino Ardagna, Pierangela Samarati, Sabrina De Capitani di Vimercati, and Stefano Paraboschi

Subjects

021110 strategic, defence & security studies, business.industry, Computer science, 0211 other engineering and technologies, Context (language use), 02 engineering and technology, Computer security, computer.software_genre, Credential, World Wide Web, Server, Maximum satisfiability problem, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Portfolio, 020201 artificial intelligence & image processing, The Internet, Project portfolio management, business, computer

Abstract

Users can today enjoy the many benefits brought by the development and widespread adoption of Internet and related services conveniently accessing digital resources. Servers offering such resources typically require users to release information about them, which servers can then use for enforcing possible access policies on the offered services. A major problem in this context relates to providing users with the ability of determining which information to release to satisfy the server requests during their electronic interactions.In this paper, we provide an approach for empowering the user in the release of her digital portfolio based on simple sensitivity labels expressing how much the user values different properties, credentials or combinations thereof, as well as on additional constraints that the user might impose on information disclosure. We provide a generic modeling of the problem and illustrate its translation in terms of a Weighted MaxSat problem, which can be conveniently and efficiently managed by off the shelf SAT solvers, thus resulting efficient and scalable.

Published

2010

50. Access control for smarter healthcare using policy spaces

Author

Sushil Jajodia, Pierangela Samarati, Tyrone Grandison, Sabrina De Capitani di Vimercati, Sara Foresti, and Claudio Agostino Ardagna

Subjects

General Computer Science, Computer science, business.industry, Break the glass, Access control, 02 engineering and technology, Patient data, Computer security, computer.software_genre, Emergency situations, restrict, 020204 information systems, Phenomenon, Health care, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Law, computer, Healthcare system

Abstract

A fundamental requirement for the healthcare industry is that the delivery of care comes first and nothing should interfere with it. As a consequence, the access control mechanisms used in healthcare to regulate and restrict the disclosure of data are often bypassed in case of emergencies. This phenomenon, called ''break the glass'', is a common pattern in healthcare organizations and, though quite useful and mandatory in emergency situations, from a security perspective, it represents a serious system weakness. Malicious users, in fact, can abuse the system by exploiting the break the glass principle to gain unauthorized privileges and accesses. In this paper, we propose an access control solution aimed at better regulating break the glass exceptions that occur in healthcare systems. Our solution is based on the definition of different policy spaces, a language, and a composition algebra to regulate access to patient data and to balance the rigorous nature of traditional access control systems with the ''delivery of care comes first'' principle.

Published

2010