Skip to main content
SpringerLink
Log in

Closeness Constraints for Separation of Duties in Cloud Databases as an Optimization Problem

  • Conference paper
  • First Online:
Book cover Data Analytics (BICOD 2017)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10365))

Included in the following conference series:

Abstract

Cloud databases offer flexible off-premise data storage and data processing. Security requirements might however impede the use of cloud databases if sensitive or business-critical data are accumulated at a single cloud storage provider. Hence, partitioning the data into less sensitive fragments that are distributed among multiple non-communicating cloud storage providers is a viable method to enforce confidentiality constraints. In this paper, we express this enforcement as an integer linear program. At the same time visibility of certain data combinations can be enabled. Yet in case of violated visibility constraints, the number of different servers on which data is distributed can still be optimized. We introduce novel closeness constraints to express these requirements.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: a distributed architecture for secure database services. In: The Second Biennial Conference on Innovative Data Systems Research (CIDR 2005) (2005)

    Google Scholar 

  2. Biskup, J., Preuß, M., Wiese, L.: On the inference-proofness of database fragmentation satisfying confidentiality constraints. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 246–261. Springer, Heidelberg (2011). doi:10.1007/978-3-642-24861-0_17

    Chapter  Google Scholar 

  3. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation and encryption to enforce privacy in data storage. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 171–186. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74835-9_12

    Chapter  Google Scholar 

  4. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data outsourcing for enforcing privacy. J. Comput. Secur. 19(3), 531–566 (2011)

    Article  Google Scholar 

  5. Ciriani, V., Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04444-1_27

    Chapter  Google Scholar 

  6. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inform. Syst. Secur. (TISSEC) 13(3), 22 (2010)

    Google Scholar 

  7. Popa, R.A., Redfield, C., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 85–100. ACM (2011)

    Google Scholar 

  8. Sarfraz, M.I., Nabeel, M., Cao, J., Bertino, E.: DBMask: fine-grained access control on encrypted relational databases. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 1–11. ACM (2015)

    Google Scholar 

  9. Spillner, J., Beck, M., Schill, A., Bohnert, T.M.: Stealth databases: ensuring user-controlled queries in untrusted cloud environments. In: 8th International Conference on Utility and Cloud Computing, pp. 261–270. IEEE (2015)

    Google Scholar 

  10. De Capitani di Vimercati, S., Erbacher, R.F., Foresti, S., Jajodia, S., Livraga, G., Samarati, P.: Encryption and fragmentation for data confidentiality in the cloud. In: Aldini, A., Lopez, J., Martinelli, F. (eds.) FOSAD 2012-2013. LNCS, vol. 8604, pp. 212–243. Springer, Cham (2014). doi:10.1007/978-3-319-10082-1_8

    Chapter  Google Scholar 

  11. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE Trans. Dependable Secure Comput. 11(6), 510–523 (2014)

    Article  MATH  Google Scholar 

  12. Waage, T., Homann, D., Wiese, L.: Practical application of order-preserving encryption in wide column stores. In: SECRYPT, pp. 352–359. SciTePress (2016)

    Google Scholar 

  13. Waage, T., Jhajj, R.S., Wiese, L.: Searchable encryption in apache cassandra. In: Garcia-Alfaro, J., Kranakis, E., Bonfante, G. (eds.) FPS 2015. LNCS, vol. 9482, pp. 286–293. Springer, Cham (2016). doi:10.1007/978-3-319-30303-1_19

    Chapter  Google Scholar 

  14. Wiese, L.: Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 101–116. Springer, Heidelberg (2010). doi:10.1007/978-3-642-16825-3_8

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Computer Science, TU Clausthal, Clausthal-Zellerfeld, Germany

    Ferdinand Bollwein

  2. Institute of Computer Science, University of Goettingen, Goettingen, Germany

    Lena Wiese

Authors
  1. Ferdinand Bollwein
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lena Wiese
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lena Wiese .

Editor information

Editors and Affiliations

  1. Birkbeck, University of London, London, United Kingdom

    Andrea Calì

  2. Birkbeck, University of London, London, United Kingdom

    Peter Wood

  3. Birkbeck, University of London, London, United Kingdom

    Nigel Martin

  4. Birkbeck, University of London, London, United Kingdom

    Alexandra Poulovassilis

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Bollwein, F., Wiese, L. (2017). Closeness Constraints for Separation of Duties in Cloud Databases as an Optimization Problem. In: Calì, A., Wood, P., Martin, N., Poulovassilis, A. (eds) Data Analytics. BICOD 2017. Lecture Notes in Computer Science(), vol 10365. Springer, Cham. https://doi.org/10.1007/978-3-319-60795-5_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-60795-5_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60794-8

  • Online ISBN: 978-3-319-60795-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation