EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Selective Exchange of Confidential Data in the Outsourcing Scenario

Sabrina Capitani di Vimercati, Sara Foresti, Stefano Paraboschi, Gerardo Pelosi and Pierangela Samarati
Additional contact information
Sabrina Capitani di Vimercati: Dip. di Tecnologie dell’Informazione
Sara Foresti: Dip. di Tecnologie dell’Informazione
Stefano Paraboschi: Università degli Studi di Bergamo, DIIMM
Gerardo Pelosi: Università degli Studi di Bergamo, DIIMM
Pierangela Samarati: Dip. di Tecnologie dell’Informazione

Chapter Chapter 9 in Privacy and Identity Management for Life, 2011, pp 181-198 from Springer

Abstract: Abstract The evolution of information and communication technologies (ICTs) has introduced new ways for sharing and disseminating user-generated content through remote storage, publishing, and disseminating services. From an enterprise oriented point of view, these services offer cost effective and reliable data storage features that any organisation can take advantage of without long setup delays and capital expenses. Also, from an end-user point of view, distributed and shared data storage services offer considerable advantages in terms of reliability and constant availability of data. While on one hand data sharing services encourage and enhance the collaboration among users, on the other hand they need to provide proper protection of data, possibly enforcing access restrictions defined by the data owner. In this chapter, we present an approach for allowing users to delegate to an external service the enforcement of the access control policy on their resources, while at the same time not requiring complete trust in the external service. Our solution relies on the translation of the access control policy into an equivalent encryption policy on resources, and on a hierarchical key structure that exploits the relationships between groups or users. In this way, we limit both the number of keys to be maintained and the amount of encryption to be performed, while keeping a good flexibility with respect to policy updates and revocations.

Keywords: Data Owner; Access Control Policy; External Service; Public Parameter; Authorisation Policy (search for similar items in EconPapers)
Date: 2011
References: Add references at CitEc
Citations:

There are no downloads for this item, see the EconPapers FAQ for hints about obtaining it.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:sprchp:978-3-642-20317-6_9

Ordering information: This item can be ordered from
http://www.springer.com/9783642203176

DOI: 10.1007/978-3-642-20317-6_9

Access Statistics for this chapter

More chapters in Springer Books from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-23
Handle: RePEc:spr:sprchp:978-3-642-20317-6_9