We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 November 2024
Reseach Article

A Heuristic Approach for Encryption Policies in Data Outsourcing

by B. N. Jagdale, Vidya S. Kurtadikar, J. W. Bakal
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 51 - Number 12
Year of Publication: 2012
Authors: B. N. Jagdale, Vidya S. Kurtadikar, J. W. Bakal
10.5120/8091-1669

B. N. Jagdale, Vidya S. Kurtadikar, J. W. Bakal . A Heuristic Approach for Encryption Policies in Data Outsourcing. International Journal of Computer Applications. 51, 12 ( August 2012), 1-6. DOI=10.5120/8091-1669

@article{ 10.5120/8091-1669,
author = { B. N. Jagdale, Vidya S. Kurtadikar, J. W. Bakal },
title = { A Heuristic Approach for Encryption Policies in Data Outsourcing },
journal = { International Journal of Computer Applications },
issue_date = { August 2012 },
volume = { 51 },
number = { 12 },
month = { August },
year = { 2012 },
issn = { 0975-8887 },
pages = { 1-6 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume51/number12/8091-1669/ },
doi = { 10.5120/8091-1669 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:50:10.888611+05:30
%A B. N. Jagdale
%A Vidya S. Kurtadikar
%A J. W. Bakal
%T A Heuristic Approach for Encryption Policies in Data Outsourcing
%J International Journal of Computer Applications
%@ 0975-8887
%V 51
%N 12
%P 1-6
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In the era of globalization and dynamic world economies, data outsourcing is inevitable. Security is major concern in data outsourcing environment since data is under the custody of a third party service provider. In present systems DBAs of third party can access and view data even though they are not authorized to do so. This may lead to serious data theft and leakages causing severe business impact to data owner. There are certain many such cases occurred in financial and insurance sector. In this paper we have proposed a novel solution to overcome the problem by combining access control with encryption and digital signature of data. A heuristic approach is presented to convert an authorization policy into an equivalent encryption policy while minimizing the no of keys and tokens to be managed. Different policy enforcement can be applied to different dataset as per security and integrity requirement.

References
  1. Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati, Encryption Policies for Regulating Access to Outsourced Data ACM Transactions on Database Systems, Vol. 35, No. 2, Article 12, Publication date: April 2010.
  2. Mikhail J. Atallah, Marina Blanton, Nelly Fazio, Keith B. Frikken,, Dynamic and efficient key management for access hierarchies, ACM Transactions on Information and System Security, Vol. 12, No. 3, Article 18, Pub. date: January 2009.
  3. Shucheng Yu, Cong Wang, Kui Ren, Wenjing Lou, Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing, INFOCOM, 2010 Proceedings IEEE , Publication Year: 2010.
  4. Malek, B. Miri, A. , Combining Attribute-Based and Access Systems , Computational Science and Engineering, 2009. CSE '09. International Conference, Publication Year: 2009.
  5. Shuai Liu ,Wei Li, Lingyu Wang, Towards Efficient Over-Encryption in Outsourced Databases Using Secret Sharing, New Technologies, Mobility and Security, 2008. NTMS '08.
  6. Pierangela Samarati, Sabrina De Capitani di Vimercati, Data protection in outsourcing scenarios: issues and directions, April 2010 ASIACCS '10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security.
  7. Sabrina De Capitani di Vimercati, Sara Foresti, Stefano Paraboschi, Pierangela Samarati,Privacy of Outsourced Data, 2007 Auerbach Publications (Taylor and Francis Group), Digital Privacy: Theory, Technologies and Practices.
  8. Crampton, J. ,Martin, K. , And Wild, P. 2006. , On key assignment for hierarchical access control, In Proceedings of the IEEE Computer Security Foundations Workshop (CSFW'06). IEEE Computer Society, Washington, 98–111.
  9. S. MacKinnon, P. Taylor, H. Meijer, and S. Akl. , An optimal algorithm for assigning cryptographic keys to control access in a hierarchy, IEEE Transactions on Computers, C-34(9):797–802, 1985.
  10. DE SANTIS, A. , FERRARA, A. L. , AND MASUCCI, B. 2004. Cryptographic key assignment schemes for any access control policy, Inform. Process. Lett. 92, 4, 199–205.
  11. GUDES, E. 1980. The design of a cryptography based secure file system. IEEE Trans. Software. Engineering. 6, 5, 411–420.
  12. HACIG ¨UM¨US, H. , IYER, B. , AND MEHROTRA, S. 2002a. Providing database as a service. In Proceedings of the International Conference on Data Engineering (ICDE'02). IEEE Computer Society, Washington, 29–39.
  13. HARN, L. AND LIN, H. 1990. A cryptographic key generation scheme for multilevel data security. Computer. Security. 9, 6, 539–546.
Index Terms

Computer Science
Information Sciences

Keywords

Access Control Data outsourcing Encryption Policy Efficient Key Derivation and Digital Signature