TY - GEN
T1 - A privacy preserving selective authorization enforcement approach in DaaS
AU - Tian, Xiu Xia
AU - Wang, Xiao Ling
AU - Zhou, Ao Ying
PY - 2011
Y1 - 2011
N2 - Database as a Service(DaaS) is a practical and useful paradigm, in which the Database Service Provider(DSP) hosts the delegated database generated from the Source DB of Data Owner(DO). Due to the untrusted DSP, most of the proposed approaches were concentrated on using encryption to guarantee the privacy of delegated database and using partition based index to speed up the query. However, few papers were proposed to guarantee the privacy of delegated access control policies. Therefore in order to improve the usability of delegated database and guarantee the privacy of delegated access control policies, a critical problem to be addressed in DaaS is to make the DSP enforce the delegated selective authorization policies correctly, but know nothing about the privacy of users or the privacy of delegated authorization policies. In this paper, we present a privacy preserving selective authorization enforcement approach to resolve the critical problem above. By using selective encryption, Pedersen commitment and access control policy polynomial, the privacy of delegated access control policies and the privacy of users can be efficiently guaranteed. Finally we analyze the security properties of our approach from different aspects.
AB - Database as a Service(DaaS) is a practical and useful paradigm, in which the Database Service Provider(DSP) hosts the delegated database generated from the Source DB of Data Owner(DO). Due to the untrusted DSP, most of the proposed approaches were concentrated on using encryption to guarantee the privacy of delegated database and using partition based index to speed up the query. However, few papers were proposed to guarantee the privacy of delegated access control policies. Therefore in order to improve the usability of delegated database and guarantee the privacy of delegated access control policies, a critical problem to be addressed in DaaS is to make the DSP enforce the delegated selective authorization policies correctly, but know nothing about the privacy of users or the privacy of delegated authorization policies. In this paper, we present a privacy preserving selective authorization enforcement approach to resolve the critical problem above. By using selective encryption, Pedersen commitment and access control policy polynomial, the privacy of delegated access control policies and the privacy of users can be efficiently guaranteed. Finally we analyze the security properties of our approach from different aspects.
KW - Access control policy polynomial
KW - DaaS
KW - Selective authorization
KW - Selective encryption
UR - https://www.scopus.com/pages/publications/80053395080
U2 - 10.1109/SERVICES.2011.59
DO - 10.1109/SERVICES.2011.59
M3 - 会议稿件
AN - SCOPUS:80053395080
SN - 9780769544618
T3 - Proceedings - 2011 IEEE World Congress on Services, SERVICES 2011
SP - 363
EP - 370
BT - Proceedings - 2011 IEEE World Congress on Services, SERVICES 2011
T2 - 2011 IEEE World Congress on Services, SERVICES 2011
Y2 - 4 July 2011 through 9 July 2011
ER -