Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
Access control aware data retrieval for secret sharing based database outsourcing
Hadavi, M. A ; Sharif University of Technology | 2016
672
Viewed
- Type of Document: Article
- DOI: 10.1007/s10619-015-7186-x
- Publisher: Springer New York LLC , 2016
- Abstract:
- Enforcing dynamic and confidential access control policies is a challenging issue of data outsourcing to external servers due to the lack of trust towards the servers. In this paper, we propose a scalable yet flexible access control enforcement mechanism when the underlying relational data, on which access policies are defined, has been shared through a secret sharing scheme. For sharing values of an attribute in a relation, the attribute is assigned a secret distribution key and its values are split and distributed among data servers according to a Shamir based secret sharing scheme. Given access control policies over attributes of the relation schema, access to distribution keys, used further for reconstructing original values, is managed using the Chinese remainder theorem. Our solution, in addition to preserving the confidentiality of access control policies, is flexible to efficiently adopt grant and revoke of authorizations. Moreover, it prevents the possibility of information leakage caused by query processing through an access control aware retrieval of data shares. That is, our solution not only enforces access control policies for reconstructing shares and obtaining original values, but also for retrieving shares in query processing scenario. We implemented our mechanism and performed extensive experiments, whose results confirm its efficiency and considerable scalability in practice
- Keywords:
- Policy update ; Outsourcing ; Query processing ; Access control enforcements ; Access control policies ; Chinese remainder theorem ; Data outsourcing ; Information leakage ; Oversharing ; Secret sharing ; Secret sharing schemes ; Access control
- Source: Distributed and Parallel Databases ; Volume 34, Issue 4 , 2016 , Pages 505-534 ; 09268782 (ISSN)
- URL: https://link.springer.com/article/10.1007%2Fs10619-015-7186-x