Vai al contenuto| Home page|

   Ti trovi in: HOME »Programmi, progetti e risultati »I progetti »PRIN - Programmi di ricerca di Rilevante Interesse Nazionale»Programma di ricerca
INIZIO_TESTO_DA_INDICIZZARE

RESEARCH PROGRAM

italiano - inglese
Research Units
Similar research programs:
Scientific and education field classification
International Patent Classification
Geographical classification
Bibliografia
[AB+-05] M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T. Lange, J. Malone-Lee, G. Neven, P. Paillier, H. Shi, Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, Proc. of CRYPTO 2005, LNCS, Vol. 3621, pp. 205-222, 2005.

[AT-83] S. G. Akl, P. D. Taylor, Cryptographic Solution to a Problem of Access Control in a Hierarchy, ACM Trans. Comput. Syst., Vol. 1, N. 3, pp. 239-248, 1983.

[BDD-01] C.Blundo, P. D'Arco, A. De Santis, A t-Private k-Database Information Retrieval Scheme, International Journal of Information Security, Vol. 1, N. 1, pp. 64-68, 2001.

[BDOP-04] D. Boneh, G. Di Crescenzo, R. Ostrovsky, G. Persiano, Public Key Encryption with Keyword Search, Proc. of EUROCRYPT 2004, LNCS, Vol. 3027, pp. 506-522, 2004.

[BF-03] D. Boneh, M. Franklin, Identity-based Encryption from the Weil Pairing, SIAM Journal of Computing, Vol. 32, N. 3, pp. 586-615, 2003.

[BIKR-02] A. Beimel, Y. Ishai, E. Kushilevitz, J.F. Raymond, Breaking the O(n^(1/(2k-1))) Barrier for Information-Theoretic Private Information Retrieval, Proc. of FOCS 2002, pp. 261-270, 2002.

[BIM-00] A. Beimel, Y. Ishai, T. Malkin, Reducing the Servers' Computation in Private Information Retrieval: PIR with Preprocessing, Proc. of CRYPTO 2000, LNCS, Vol. 1880, pp. 56-74, 2000.

[BKM-01] L. Ballard, S. Kamara, F. Monrose, Achieving Efficient Conjunctive Searches of Encrypted Data, Proc. of ICICS 2001, LNCS, Vol. 2288.

[C-04] H. Y. Chien, Efficient Time-Bound Hierarchical Key Assignment Scheme, IEEE Trans. on Knowledge and Data Engineering, Vol. 16, N. 10, pp. 1301-1034, 2004.

[CDDJPS-05] A. Ceselli, E. Damiani, S. De Capitani di Vimercati, S. Jajodia, S. Paraboschi, P. Samarati, "Modeling and Assessing Inference Exposure in Encrypted Databases," in ACM Transactions on Information and System Security (TISSEC), vol. 8, n. 1, February 2005, pp. 119-152.

[CGKS-98] B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan, Private Information Retrieval, Journal of the ACM, Vol. 45, pp. 965-981, 1998.

[CHW-92] C. C. Chang, R. J. Hwang, T. C. Wu, Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, Information Systems, Vol. 17, N. 3, pp. 243-247, 1992.

[CM-04] Y.-C. Chang, M. Mitzenmacher, Privacy Preserving Keyword Searches on Remote Encrypted Data, Cryptology ePrint Archive, Report 2004/051, http://eprint.iacr.org/2004/051/

[D-82] D.E.R. Denning, "Cryptography and Data Security." Addison-Wesley Publishing Company, 1982

[DDJPS-03] E. Damiani, S. De Capitani di Vimercati, S. Jajodia, S. Paraboschi, P. Samarati, "Balancing Confidentiality and Efficency in Untrusted Relational DBMSs", in Proc. of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA, October 27-31, 2003.

[DDPS-04] E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, "Computing Range Queries on Obfuscated Data", in Proc. of the Information Processing and Management of Uncertainty in Knowledge-Based Systems, Perugia, Italy, July 2004.

[DFM-06] A. De Santis, A. L. Ferrara, B. Masucci, Unconditionally Secure Key Assignment Schemes, Discrete Applied Mathematics, Vol. 154, N. 2, pp. 234-252, 2006.

[DH-96] H.S. Delugach, T.H. Hinke, "Wizard: A Database Inference Analysis and Detection System," in IEEE Transactions on Knowledge and Data Engineering, vol. 8, n. 1, February 1996, pp. 56-66.

[DIO-01] G. Di Crescenzo, Y. Ishai, R. Ostrovsky, Universal Service-Providers for Database Private Information Retrieval, Journal of Cryptology, Vol. 14, N. 1, pp. 37-74, 2001.

[DWK-81] G.I. Davida, D.L. Wells, J.B. Kam, "A Database Encryption System with Subkeys", in ACM Transactions on Database Systems, vol. 6, n. 2, pp. 312-328, June 1981.

[FJ-03] C. Farkas and S. Jajodia, "The Inference Problem: A Survey", in SIGKDD Explorations, vol. 4, n. 2, 2003. pp. 6-11.

[G-03] E.-J. Goh, Secure Indexes, Cryptology ePrint Archive, Report 2003/216, http://eprint.iacr.org/2003/216/

[GR-05] C. Gentry, Z. Ramzan, Single-Database Private Information Retrieval with Constant Communication Rate, Proc. of ICALP 2005, LNCS, Vol. 3580, pp. 803-815, 2005.

[GSW-04] P. Golle, J. Staddon, B. Waters, Secure Conjunctive Keyword Search over Encrypted Data, Proc. of ACNS 2004, LNCS, Vol. 3089, pp. 31-45, 2004.

[HC-04] H. Huang, C. Chang, A New Cryptographic Key Assignment Scheme with Time-Constraint in a Hierarchy, Computer Standards & Interfaces, Vol. 26, pp. 159-166, 2004.

[HILM-02] H. Hacigumus, B. Iyer, C. Li, S. Mehrotra, "Executing SQL over Encrypted Data in the Database-Service-Provider Model", in Proc. of ACM SIGMOND 2002, Madison, Wisconsin, USA, June 4-6 2002.

[HIM-02] H. Hacigumus, B. Iyer, S. Mehrotra, "Providing Database as a Service", in Proc. of the 18th International Conference on Data Engineering, San Jose, California, USA, February 2002.

[HIM-04] H. Hacigumus, B. Iyer, S. Mehrotra, "Efficient Execution of Aggregation Queries over Encrypted Relational Databases", in Proc. of the 9th International Conference on Database Systems for Advanced Applications, Jeju Island, Korea, March 2004.

[HM-04] H. Hacigumus, S. Mehrotra, "Performance-Conscious Key Management in Encrypted Databases", in Proc. of the 18th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sitges, Catalonia, Spain, July 2004.

[IK-99] Y. Ishai, E. Kushilevitz, Improved Upper Bound on Information-Theoretic Private Information Retrieval, Proc. of STOC 1999, pp. 79-88, 1999.

[KO-97] E. Kushilevitz, R. Ostrovsky, Replication is not Needed: Single Database, Computationally-Private Information Retrieval, Proc. of FOCS 1997, pp. 364-373, 1997.

[KO-00] E. Kushilevitz, R. Ostrovsky, One-Way Trapdoor Permutations are Sufficient for Single-database Computationally-Private Information Retrieval, Proc. of EUROCRYPT 2000, LNCS, Vol. 1807, pp. 104-122, 2000.

[MMJ-96] A. Motro, D.G. Marks, and S. Jajodia, "Enhancing the Controlled Disclosure of Sensitive Information," in Proc. of the Fourth European Symposium on Research in Security and Privacy, September 1996.

[NP-99] M. Naor, B. Pinkas, Oblivious Transfer and Polynomial Evaluation, Proc. of STOC 1999, pp. 245-254, 1999.

[OS-05] R. Ostrovsky, W. Skeith, Private Searching on Streaming Data, Proc. of CRYPTO 2005, LNCS, Vol. 3621, pp. 223-240, 2005.

[PKL-04] D. J. Park, K. Kim, P. J. Lee, Public Key Encryption with Conjunctive Field Keyword Search, Proc. of WISA 2004, LNCS, Vol. 1807, pp. 73-86, 2004.

[S-01] P. Samarati, "Protecting Respondent's Privacy in Microdata Release", in IEEE Transations on Knowledge and Data Engineering, vol. 13, n. 6, pp. 1010-1017, November/December 2001.

[SD-01] P. Samarati and S. De Capitani di Vimercati, "Access Control: Policies, Models, and Mechanis," in Foundations of Security Analysis and Design, R. Focardi and R. Gorrieri (eds), LNCS 2171, Springer-Verlag, 2001.

[SWP-00] D.X. Song, D. Wagner, A. Perrig, "Practical Techniques for Searches on Encrypted Data", in Proc. of the 2000 IEEE Symposium on Security and Privacy, pp. 44-55, Oakland, CA, USA, May 2000.

[TM-05] Q. Tang, C. J. Mitchell, Comments on a Cryptographic Key Assignment Scheme, Computer Standards & Interfaces, Vol. 27, pp. 323-326, 2005.

[T-02] W.-G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, IEEE Trans. on Knowledge and Data Engineering, Vol. 14, pp. 182-188, 2002.

[W-02] World Wide Web, "XML Encryption Syntax and Processing," December 2002, http://www.w3.org/TR/xmlenc-core/

[YY-03] X. Yi, Y. Ye, Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy, IEEE Transactions on Knowledge and Data Engineering, Vol. 15, N. 4, pp. 1054-1055, 2003.
Keywords
RELATIONAL DATABASE TECHNOLOGY, ACCESS CONTROL, CRYPTOGRAPHIC TECHNIQUES, DISTRIBUTED SYSTEMS, INDEXING TECHNIQUES

Cryptographic databases

Università degli Studi di Bergamo
Abstract
This project aims at developing solutions for data security, allowing to protect sensitive data stored and managed by entities different from the information owner. In such a scenario, classical solutions for access control, where reference monitors control each access request to the data, cannot be employed. On the other hand, cryptographic solutions, providing data confidentiality and integrity over insecure channels, can be used. The main application of this research project is in databases, but we will develop solutions which can be used also in other areas.
The research will consider different topics, which can be organized into three different areas:
-Cryptography: Which cryptographic techniques can be used in such a scenario to allow, in an efficient and secure way, authorized users to access the data? How to formalize the security requirements against collusion attacks carried out by a group of users?
-Security Models: How to organize access privileges for different users? How to characterize the lack of confidentiality due to system monitoring, by considering, in a static environment, only the distribution of the encrypted values and, in a dynamic environment, the sequence of users' access requests?
-Database Technologies: What is the impact of such techniques on the structure of a database server? How to trade-off security and efficiency? Which components need to be modified to allow a transparent integration among security services >>>

Principal Investigator
Stefano Paraboschi Università degli Studi di BERGAMO
Research Objectives
The goal of the project is to develop new technologies enabling the realization of encrypted databases. Two are the main motivations which are supported by the following observations, the former related to on-line information systems context, the latter related to more general considerations on the evolution of the information technology. As regards online information systems, there is an increasing trend towards data outsourcing and the development of related services are registering a growing interest in the software services market. Outsourcing relational databases to external providers promises a number of advantages in terms of improved efficiency: indeed, management costs can be reduced and higher availability and more effective disaster protection than in-house operations can be provided. An obstacle to the realization of this scenario, is that data owners may not entirely trust providers. It is therefore of primary importance to provide means of protecting the secrecy of the information remotely stored, without necessarily requiring trust in the subject managing the information, while guaranteeing its availability to legitimate clients. Such techniques could support the realization of a wider market for these services and would make such approach an important option in the design of any information system.

At a higher level of analysis, it is possible to observe how the evolution of the information technology registers a continuous growth of >>>

Timescale
24 months
National and international background
The project theme requires to consider the status of several previous research lines. We synthetically analyze the areas with the most impact.

Protection of information in outsourced databases
In most organizations, databases hold a critical concentration of sensitive information and the volume of this information is increasing very quickly. Ensuring an adequate level of protection to databases' content is an essential part of any comprehensive security program. Database encryption [DWK-81] is a time-honored technique that introduces an additional layer to conventional network and application-level security solutions, preventing exposure of sensitive information even if the database server is compromised. The scenario is becoming more complicated because many organizations prefer to outsource their data center operations to external application providers rather than allowing direct access to their databases from potentially hostile networks like the Internet. Furthermore, outsourcing relational databases to external providers promises higher availability and more effective disaster protection than in-house operations. As a consequence of this trend toward outsourcing, highly sensitive data are now stored on systems run in locations that are not under the data owner's control, such as leased space and untrusted partners' sites. Therefore, data confidentiality and even integrity can be put at risk by outsourcing data >>>