Access Control and Query Verification for Untrusted Databases

Abstract: With the advent of Cloud Computing, data are increasingly being stored and processed by untrusted third-party servers on the Internet. Since the data owner lacks direct control over the hardware and the software running at the server, there is a need to ensure that the data are not read or modified by unauthorized entities. Even though a simple encryption of the data before transferring it to the server ensures that only authorized entities who have the private key can access the data, it has many drawbacks. Encryption alone does not ensure that the retrieved query results are trustworthy (e.g., retrieved values are the latest values and not stale). A simple encryption cannot enforce access control policies where each entity has access rights to only a certain part of the database. In this paper, we provide a solution to enforce access control policies while ensuring the trustworthiness of the data. Our solution ensures that a particular data item is read and modified by only those entities who have been authorized by the data owner to access that data item. It provides privacy against malicious entities that somehow get access to the data stored at the server. Our solutions allow easy change in access control policies under the lazy revocation model, under which a user’s access to a subset of the data can be revoked so that the user cannot read any new values in that subset of the data. Our solution also provides correctness and completeness verification of query results in the presence of access control policies. We implement our solution in a prototype system built on top of Oracle with no modifications to the database internals. We also provide an empirical evaluation of the proposed solutions and establish their feasibility.
Document type:
Conference paper
Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.211-225, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_14〉

https://hal.inria.fr/hal-01490706
Contributor: Hal Ifip
Submitted on: Wednesday, March 15, 2017 - 17:15:42
Last modified on: Thursday, March 16, 2017 - 09:24:25
Document(s) archived on: Friday, June 16, 2017 - 15:11:29

File

978-3-642-39256-6_14_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Rohit Jain, Sunil Prabhakar. Access Control and Query Verification for Untrusted Databases. Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.211-225, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_14〉. 〈hal-01490706〉

Metrics

Record views: 164

File downloads: 26