We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced accounting for the information content carried in the computation to ensure no information is improperly leaked and adjusting visibility of data on-the-fly. Assignment of operations to subjects takes into consideration the cost of operation execution as well as of the encryption/decryption operations needed to make the assignment authorized. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.

(2022). An authorization model for query execution in the cloud [journal article - articolo]. In VLDB JOURNAL. Retrieved from http://hdl.handle.net/10446/202634

An authorization model for query execution in the cloud

Paraboschi, Stefano;
2022-01-01

Abstract

We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced accounting for the information content carried in the computation to ensure no information is improperly leaked and adjusting visibility of data on-the-fly. Assignment of operations to subjects takes into consideration the cost of operation execution as well as of the encryption/decryption operations needed to make the assignment authorized. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.
articolo
2022
VLDB JOURNAL
De Capitani di Vimercati, Sabrina; Foresti, Sara; Jajodia, Sushil; Livraga, Giovanni; Paraboschi, Stefano; Samarati, Pierangela
(2022). An authorization model for query execution in the cloud [journal article - articolo]. In VLDB JOURNAL. Retrieved from http://hdl.handle.net/10446/202634
File allegato/i alla scheda:
File Dimensione del file Formato  
dfjlps-vldbj2021.pdf

accesso aperto

Versione: postprint - versione referata/accettata senza referaggio
Licenza: Licenza default Aisberg
Dimensione del file 916.73 kB
Formato Adobe PDF
Visualizza/Apri
916.73 kB Adobe PDF Visualizza/Apri
DeCapitaniDiVimercati2021_Article_AnAuthorizationModelForQueryEx.pdf

Solo gestori di archivio

Versione: publisher's version - versione editoriale
Licenza: Licenza default Aisberg
Dimensione del file 1.86 MB
Formato Adobe PDF
  Visualizza/Apri
1.86 MB Adobe PDF   Visualizza/Apri
Pubblicazioni consigliate

Aisberg ©2008 Servizi bibliotecari, Università degli studi di Bergamo | Terms of use/Condizioni di utilizzo

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10446/202634
Citazioni
  • Scopus 4
  • ???jsp.display-item.citation.isi??? 1
social impact