Dual encryption for query integrity assurance

Information Systems Security

Samarati

2015

Abstract. The amount of data created, stored, and processed has enormously increased in the last years. Today, millions of devices are connected to the Internet and generate a huge amount of (personal) data that need to be stored and processed using scalable, e cient, and reliable computing infrastructures. Cloud computing technology can be used to respond to these needs. Although cloud computing brings many benefits to users and companies, security concerns about the cloud still represent the major impediment for its wide adoption. We briefly survey the main challenges related to the storage and processing of data in the cloud. In particular, we focus on the problem of protecting data in storage, supporting fine-grained access, selectively sharing data, protecting query privacy, and verifying the integrity of computations.

Section: Integrity Of Computationsmentioning

confidence: 99%

Data Security Issues in Cloud Scenarios

Information Systems Security

Samarati

2015

“…Authenticated data structures provide deterministic guarantees but they are defined over a specific attribute and only queries operating on it can be verified. Probabilistic approaches can be adopted with any query, but provide probabilistic guarantees only (e.g., [3,17,18]). The approach in [18] inserts into the original relation a set of fake tuples, generated according to a deterministic function, before outsourcing the relation.…”

Section: Related Workmentioning

confidence: 99%

“…Absence of the expected fake tuples in a query result signals its incompleteness. The solution in [17] duplicates a subset of the tuples in the original relation and encrypts them with a different key. Since the external server cannot recognize duplicated tuples, their absence from the query result signals a misbehavior.…”

Section: Related Workmentioning

confidence: 99%

“…While appealing, this approach brings inherent risks related to the confidentiality and integrity of data and computations, which are difficult to mitigate since data are not under the direct control of their owners. The research community has dedicated many efforts in developing solutions for these problems, resulting in several approaches to protect the confidentiality and integrity of data at rest (e.g., [5]), as well as of computations over them (e.g., [12,17,18]). …”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Integrity for Approximate Joins on Untrusted Computational Servers

ICT Systems Security and Privacy Protection

Jajodia

et al. 2015

Abstract. In the last few years, many efforts have been devoted to the development of solutions aiming at ensuring the confidentiality and integrity of data and computations in the cloud. In particular, a recent solution for verifying the integrity of equi-join queries is based on the insertion of checks (markers and twins) whose presence provides probabilistic guarantees on the integrity of the computation. In this paper, we propose an approach for verifying the integrity of approximate join queries, which is based on the introduction of a discretized version of the join attribute and on the translation of the approximate join into an equijoin defined over the discrete attribute added to the original relations. The proposed approach guarantees the correctness and completeness of the join result, while causing a limited overhead for the user.

“…Assessing integrity for query results or computations entails providing users with the ability to verify that the result returned by the cloud provider is complete (i.e., computed on the whole data collection), correct (i.e., computed on genuine data and correctly performing the computation), and fresh (i.e., computed on the most recent version of the data). Approaches for guaranteeing integrity of query results can be classified as deterministic (e.g., [30,31,32]) and probabilistic (e.g., [15,23,36,38,40,42]). Deterministic solutions use authenticated data structures (e.g., signature chains, Merkle hash trees, skip lists) or encryption-based solutions and can detect an integrity violation only for queries formulated on the attribute(s) on which they have been defined.…”

mentioning

confidence: 99%

Data Protection in Cloud Scenarios

Lecture Notes in Computer Science

Samarati

2016

Abstract. We present a brief overview of the main challenges related to data protection that need to be addressed when data are stored, processed, or managed in the cloud. We also discuss emerging approaches and directions to address such challenges. Data security and privacy in the cloudThe 'cloud' has emerged as a successful paradigm enabling users and companies to have access to a virtually unlimited amount of resources to store, manage, and process data in a reliable and dependable infrastructure, even with economic advantages with respect to 'in-house' solutions. Together with considerable evident convenience, the cloud also introduces novel security and privacy issues. In fact, when storing or processing data in the cloud, data owners lose control over their data, leaving them potentially exposed to unauthorized parties, including the provider itself that might be not fully trusted. While typically cloud providers may be considered reliable for guaranteeing basic security protection (such as protection from unauthorized accesses to data and resources by third parties), they might not be considered trusted for the confidentiality (i.e., authorized to know the content) -or guaranteeing integrity -of the data they store or process.Many are the challenges that need to be addressed to guarantee proper security and privacy in the cloud. In this paper, we focus in particular on the challenges specifically related to data management [18,19,21,34,35]. Of course, there are also other security and privacy issues that characterize a cloud scenario (e.g., multi-tenancy and virtualization, fault-tolerance management [26,27,28]) on which we do not elaborate.