Sciweavers

CCS
2007
ACM

A data outsourcing architecture combining cryptography and access control

14 years 5 months ago
A data outsourcing architecture combining cryptography and access control
Data outsourcing is becoming today a successful solution that allows users and organizations to exploit external servers for the distribution of resources. Some of the most challenging issues in such a scenario are the enforcement of authorization policies and the support of policy updates. Since a common approach for protecting the outsourced data consists in encrypting the data themselves, a promising approach for solving these issues is based on the combination of access control with cryptography. This idea is in itself not new, but the problem of applying it in an outsourced architecture introduces several challenges. In this paper, we first illustrate the basic principles on which an architecture for combining access control and cryptography can be built. We then illustrate an approach for enforcing authorization policies and supporting dynamic authorizations, allowing policy changes and data updates at a limited cost in terms of bandwidth and computational power. Categories and...
Sabrina De Capitani di Vimercati, Sara Foresti, Su
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati
Comments (0)