IDEAS home Printed from https://ideas.repec.org/h/spr/sprchp/978-3-642-20317-6_9.html
   My bibliography  Save this book chapter

Selective Exchange of Confidential Data in the Outsourcing Scenario

In: Privacy and Identity Management for Life

Author

Listed:
  • Sabrina Capitani di Vimercati

    (Dip. di Tecnologie dell’Informazione)

  • Sara Foresti

    (Dip. di Tecnologie dell’Informazione)

  • Stefano Paraboschi

    (Università degli Studi di Bergamo, DIIMM)

  • Gerardo Pelosi

    (Università degli Studi di Bergamo, DIIMM)

  • Pierangela Samarati

    (Dip. di Tecnologie dell’Informazione)

Abstract

The evolution of information and communication technologies (ICTs) has introduced new ways for sharing and disseminating user-generated content through remote storage, publishing, and disseminating services. From an enterprise oriented point of view, these services offer cost effective and reliable data storage features that any organisation can take advantage of without long setup delays and capital expenses. Also, from an end-user point of view, distributed and shared data storage services offer considerable advantages in terms of reliability and constant availability of data. While on one hand data sharing services encourage and enhance the collaboration among users, on the other hand they need to provide proper protection of data, possibly enforcing access restrictions defined by the data owner. In this chapter, we present an approach for allowing users to delegate to an external service the enforcement of the access control policy on their resources, while at the same time not requiring complete trust in the external service. Our solution relies on the translation of the access control policy into an equivalent encryption policy on resources, and on a hierarchical key structure that exploits the relationships between groups or users. In this way, we limit both the number of keys to be maintained and the amount of encryption to be performed, while keeping a good flexibility with respect to policy updates and revocations.

Suggested Citation

  • Sabrina Capitani di Vimercati & Sara Foresti & Stefano Paraboschi & Gerardo Pelosi & Pierangela Samarati, 2011. "Selective Exchange of Confidential Data in the Outsourcing Scenario," Springer Books, in: Jan Camenisch & Simone Fischer-Hübner & Kai Rannenberg (ed.), Privacy and Identity Management for Life, chapter 0, pages 181-198, Springer.
    • Handle: RePEc:spr:sprchp:978-3-642-20317-6_9
    DOI: 10.1007/978-3-642-20317-6_9
    as

    Download full text from publisher

    To our knowledge, this item is not available for download. To find whether it is available, there are three options:
    1. Check below whether another version of this item is available online.
    2. Check on the provider's web page whether it is in fact available.
    3. Perform a search for a similarly titled item that would be available.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:sprchp:978-3-642-20317-6_9. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.