short-paper

A New Approach to Preserving Data Confidentiality in the Cloud

Authors:

Eliseu C. Branco, Jr.,

Jose Maria Monteiro,

Roney Reis de C. e Silva,

Javam C. MachadoAuthors Info & Claims

IDEAS '16: Proceedings of the 20th International Database Engineering & Applications Symposium

Pages 256 - 263

https://doi.org/10.1145/2938503.2938512

Published: 11 July 2016 Publication History

Abstract

Cloud computing is a recent trend of technology that aims to provide unlimited, on-demand, elastic computing and data storage resources. In this context, cloud services decrease the need for local data storage and the infrastructure costs. However, hosting confidential data at a cloud storage service requires the transfer of control of the data to a semi-trusted external provider. Therefore, data confidentiality is the top concern from the cloud issues list. Recently, three main approaches have been introduced to ensure data confidentiality in cloud services: data encryption; combination of encryption and fragmentation; and fragmentation. Besides, other strategies use a mix of these three main approaches. In this paper, we present i-OBJECT, a new approach to preserve data confidentiality in cloud environments. The proposed mechanism uses information decomposition to split data into unrecognizable parts and store them in different cloud service providers. Experimental results show the potential efficiency of i-OBJECT.

References

[1]

C. C. Aggarwal. On k-anonymity and the curse of dimensionality. In Proceedings of the 31st international conference on Very large data bases, pages 901--909. VLDB Endowment, 2005.

Digital Library

[2]

J. Barbay and G. Navarro. Compressed representations of permutations, and applications. arXiv preprint arXiv:0902.1038, 2009.

[3]

J. Camenisch, S. Fischer-Hübner, and K. Rannenberg. Privacy and identity management for life. Springer, 2011.

Digital Library

[4]

A. Ceselli, E. Damiani, S. De Capitani di Vimercati, S. Jajodia, S. Paraboschi, and P. Samarati. Modeling and assessing inference exposure in encrypted databases. ACM Transactions on Information and System Security (TISSEC), 8(1), February 2005.

Digital Library

[5]

V. Ciriani, S. De Capitani Di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Keep a few: Outsourcing data while maintaining confidentiality. In Proceedings of the 14th European Conference on Research in Computer Security, ESORICS'09, pages 440--455, Berlin, Heidelberg, 2009. Springer-Verlag.

Digital Library

[6]

V. Ciriani, S. D. C. D. Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur., 13(3):22:1--22:33, July 2010.

Digital Library

[7]

R. Clarke. Introduction to dataveillance and information privacy, and definition of terms, 24/07/2014 1999.

[8]

G. Hegel. The encyclopaedia logic: Part i of the encyclopaedia of philosophical sciences with the zusätze, trans. TF Geraets, WA Sutching, and HS Harris (Indianapolis: Hackett, 1991), 1991.

[9]

N. M. Joseph, E. Daniel, and N. A. Vasanthi. Article: Survey on privacy-preserving methods for storage in cloud computing. IJCA Proceedings on Amrita International Conference of Women in Computing - 2013, AICWIC(4):1--4, January 2013. Full text available.

[10]

R. K. N. S. Krishna, T. J. V. R. K. M. K. Sayi, R. Mukkamala, and P. K. Baruah. Efficient privacy-preserving data distribution in outsourced environments: A fragmentation-based approach. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics, ICACCI '12, pages 589--595, New York, NY, USA, 2012. ACM.

Digital Library

[11]

C. Ning, W. Cong, L. Ming, R. Kui, and L. Wenjing. Privacy-preserving multi-keyword ranked search over encrypted cloud data. Parallel and Distributed Systems, IEEE Transactions on, 25(1):222--233, 2014.

Digital Library

[12]

L. Okman, N. Gal-Oz, Y. Gonen, E. Gudes, and J. Abramov. Security issues in nosql databases. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pages 541--547, Nov 2011.

Digital Library

[13]

T. Rekatsinas, A. Deshpande, and A. Machanavajjhala. Sparsi: Partitioning sensitive data amongst multiple adversaries. Proc. VLDB Endow., 6(13):1594--1605, Aug. 2013.

Digital Library

[14]

J. K. Resch and J. S. Plank. Aont-rs: blending security and performance in dispersed storage systems. In Proceedings of FAST-2011: 9th Usenix Conference on File and Storage Technologies, February 2011, 2011.

Digital Library

[15]

P. Samarati. Data security and privacy in the cloud. In Information Security Practice and Experience - 10th International Conference, ISPEC 2014, Fuzhou, China, May 5-8, 2014. Proceedings, pages 28--41, 2014.

Digital Library

[16]

P. Samarati and S. D. C. di Vimercati. Data protection in outsourcing scenarios: Issues and directions. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS '10, pages 1--14, New York, NY, USA, 2010. ACM.

Digital Library

[17]

C. E. Shannon. Communication theory of secrecy systems*. Bell system technical journal, 28(4):656--715, 1949.

[18]

L. Wiese. Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints, pages 101--116. Springer, 2010.

Digital Library

[19]

X. Xu, L. Xiong, and J. Liu. Database fragmentation with confidentiality constraints: A graph search approach. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, CODASPY '15, pages 263--270, New York, NY, USA, 2015. ACM.

Digital Library

[20]

X. Zhifeng and X. Yang. Security and privacy in cloud computing. Communications Surveys & Tutorials, IEEE, 15(2):843--859, 2013.

Cited By

Rosseti IOcaña Kde Oliveira DMontagnat JTaylor IGesing SSakellariou R(2017)Towards preserving results confidentiality in cloud-based scientific workflowsProceedings of the 12th Workshop on Workflows in Support of Large-Scale Science10.1145/3150994.3151002(1-9)Online publication date: 12-Nov-2017
https://dl.acm.org/doi/10.1145/3150994.3151002

Recommendations

Data confidentiality in cloud-based pervasive system
ICC '17: Proceedings of the Second International Conference on Internet of things, Data and Cloud Computing

Data confidentiality and privacy is a serious concern in pervasive systems where cloud computing is used to process huge amount of data such as matrix multiplications typically used in HPC. Due to limited processing capabilities, smart devices need to ...
Protection of users' data confidentiality in cloud computing
Internetware '10: Proceedings of the Second Asia-Pacific Symposium on Internetware

Current cloud computing systems pose serious limitation to protecting users' data confidentiality. Since users' sensitive data is presented in unencrypted forms to remote machines owned and operated by third party service providers, the risks of ...
Risk Aware Approach to Data Confidentiality in Cloud Computing
ICISS 2013: Proceedings of the 9th International Conference on Information Systems Security - Volume 8303

This paper explores the issue of "loss of control" that results when users outsource data and computation to the clouds. While loss of control has multiple manifestations, we focus on the data privacy and confidentiality implications when cloud ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

IDEAS '16: Proceedings of the 20th International Database Engineering & Applications Symposium

July 2016

420 pages

ISBN:9781450341189

DOI:10.1145/2938503

Editor:
Evan Desai
ConfSys
,
General Chair:
Bipin C. Desai
Concordia University
,
Program Chairs:
Motomichi Toyama
Keio University
,
Jorge Bernardino
ISEC

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Keio University: Keio University

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 July 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper
Research
Refereed limited

Conference

IDEAS '16

IDEAS '16: International Database Engineering & Applications Symposium

July 11 - 13, 2016

QC, Montreal, Canada

Acceptance Rates

Overall Acceptance Rate 74 of 210 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
188
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Rosseti IOcaña Kde Oliveira DMontagnat JTaylor IGesing SSakellariou R(2017)Towards preserving results confidentiality in cloud-based scientific workflowsProceedings of the 12th Workshop on Workflows in Support of Large-Scale Science10.1145/3150994.3151002(1-9)Online publication date: 12-Nov-2017
https://dl.acm.org/doi/10.1145/3150994.3151002

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten