Skip to main content
SpringerLink
Log in

On the Hardness of Separation of Duties Problems for Cloud Databases

  • Conference paper
  • First Online:
Trust, Privacy and Security in Digital Business (TrustBus 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11033))

Included in the following conference series:

Abstract

Using cloud databases puts confidential data at risk. We apply vertical fragmentation of data tables in order to obtain insensitive data fragments. These fragments can then be hosted in databases at different cloud providers. Under the assumption that the cloud providers do not communicate, we then obtain a separation of duties such that each provider is unable to recombine the original confidential data set. In this paper, we view this separation of duties as an optimization problem. We show that it is a combination of the two famous NP-hard problems bin packing and vertex coloring. We analyze the complexity of the problem in the standard case (when only confidentiality is required) and the extended case (when also utility is a requirement).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Aggarwal, G., et al.: Two can keep a secret: a distributed architecture for secure database services. In: The Second Biennial Conference on Innovative Data Systems Research (CIDR 2005) (2005)

    Google Scholar 

  2. Biskup, J., Preuß, M., Wiese, L.: On the inference-proofness of database fragmentation satisfying confidentiality constraints. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 246–261. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24861-0_17

    Chapter  Google Scholar 

  3. Bkakria, A., Cuppens, F., Cuppens-Boulahia, N., Fernandez, J.M., Gross-Amblard, D.: Preserving multi-relational outsourced databases confidentiality using fragmentation and encryption. JoWUA 4(2), 39–62 (2013)

    Google Scholar 

  4. Bollwein, F., Wiese, L.: Closeness constraints for separation of duties in cloud databases as an optimization problem. In: Calì, A., Wood, P., Martin, N., Poulovassilis, A. (eds.) BICOD 2017. LNCS, vol. 10365, pp. 133–145. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60795-5_14

    Chapter  Google Scholar 

  5. Bollwein, F., Wiese, L.: Separation of duties for multiple relations in cloud databases as an optimization problem. In: Proceedings of the 21st International Database Engineering and Applications Symposium, pp. 98–107. ACM (2017)

    Google Scholar 

  6. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation and encryption to enforce privacy in data storage. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 171–186. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74835-9_12

    Chapter  Google Scholar 

  7. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation design for efficient query execution over sensitive distributed databases. In: ICDCS, pp. 32–39. IEEE Computer Society (2009)

    Google Scholar 

  8. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_27

    Chapter  Google Scholar 

  9. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Combining fragmentation and encryption to protect privacy in data storage. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(3), 22 (2010)

    Article  Google Scholar 

  10. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data outsourcing for enforcing privacy. J. Comput. Secur. 19(3), 531–566 (2011)

    Article  Google Scholar 

  11. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P.: An OBDD approach to enforce confidentiality and visibility constraints in data publishing. J. Comput. Secur. 20(5), 463–508 (2012)

    Article  Google Scholar 

  12. De Capitani di Vimercati, S., Erbacher, R.F., Foresti, S., Jajodia, S., Livraga, G., Samarati, P.: Encryption and fragmentation for data confidentiality in the cloud. In: Aldini, A., Lopez, J., Martinelli, F. (eds.) FOSAD 2012-2013. LNCS, vol. 8604, pp. 212–243. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10082-1_8

    Chapter  MATH  Google Scholar 

  13. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE Trans. Depend. Secur. Comput. 11(6), 510–523 (2014)

    Article  Google Scholar 

  14. Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-79228-4_1

    Chapter  MATH  Google Scholar 

  15. Codd, E.F.: A relational model of data for large shared data banks. Commun. ACM 13(6), 377–387 (1970)

    Article  Google Scholar 

  16. Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman & Co., New York (1979)

    MATH  Google Scholar 

  17. Jindal, A., Palatinus, E., Pavlov, V., Dittrich, J.: A comparison of knives for bread slicing. Proce. VLDB Endow. 6(6), 361–372 (2013)

    Article  Google Scholar 

  18. Ozsu, M.T.: Principles of Distributed Database Systems, 3rd edn. Prentice Hall Press, Upper Saddle River (2007)

    Google Scholar 

  19. Samarati, P.: Protecting respondents identities in microdata release. IEEE Trans. Knowl. Data Eng. 13(6), 1010–1027 (2001)

    Article  Google Scholar 

  20. Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl. Based Syst. 10(05), 557–570 (2002)

    Article  MathSciNet  Google Scholar 

  21. Waage, T., Wiese, L.: Property preserving encryption in NoSQL wide column stores. In: Panetto, H., et al. (eds.) OTM 2017. LNCS, vol. 10574, pp. 3–21. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69459-7_1

    Chapter  Google Scholar 

  22. Wiese, L.: Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 101–116. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16825-3_8

    Chapter  Google Scholar 

  23. Wiese, L.: Advanced Data Management for SQL, NoSQL, Cloud and Distributed Databases. DeGruyter, Berlin (2015)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Applied Stochastics and Operations Research, TU Clausthal, Clausthal-Zellerfeld, Germany

    Ferdinand Bollwein

  2. Institute of Computer Science, University of Göttingen, Göttingen, Germany

    Lena Wiese

Authors
  1. Ferdinand Bollwein
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lena Wiese
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lena Wiese .

Editor information

Editors and Affiliations

  1. University of Plymouth, Plymouth, United Kingdom

    Steven Furnell

  2. University of Brighton, Brighton, United Kingdom

    Haralambos Mouratidis

  3. Universität Regensburg, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bollwein, F., Wiese, L. (2018). On the Hardness of Separation of Duties Problems for Cloud Databases. In: Furnell, S., Mouratidis, H., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2018. Lecture Notes in Computer Science(), vol 11033. Springer, Cham. https://doi.org/10.1007/978-3-319-98385-1_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-98385-1_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-98384-4

  • Online ISBN: 978-3-319-98385-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation