The Experts below are selected from a list of 156 Experts worldwide ranked by ideXlab platform
Pierangela Samarati - One of the best experts on this subject based on the ideXlab platform.
-
Quality of Protection - Measuring Inference Exposure in Outsourced Encrypted Databases
Quality of Protection, 2006Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Pierangela Samarati, Marco VivianiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where an encrypted client's database is stored at an External Service Provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption.
-
metadata management in outsourced encrypted databases
Very Large Data Bases, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
-
StorageSS - Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service (DAS), where an organization's database is stored at an External Service Provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for External use.In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.
-
Secure Data Management - Metadata management in outsourced encrypted databases
Lecture Notes in Computer Science, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
Ernesto Damiani - One of the best experts on this subject based on the ideXlab platform.
-
Quality of Protection - Measuring Inference Exposure in Outsourced Encrypted Databases
Quality of Protection, 2006Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Pierangela Samarati, Marco VivianiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where an encrypted client's database is stored at an External Service Provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption.
-
metadata management in outsourced encrypted databases
Very Large Data Bases, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
-
StorageSS - Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service (DAS), where an organization's database is stored at an External Service Provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for External use.In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.
-
Secure Data Management - Metadata management in outsourced encrypted databases
Lecture Notes in Computer Science, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
Larisa Shwartz - One of the best experts on this subject based on the ideXlab platform.
-
BDIM - Dynamic management of outsourced Service processes’ QoS in a Service Provider - Service supplier environment
2008 3rd IEEE IFIP International Workshop on Business-driven IT Management, 2008Co-Authors: Genady Grabarnik, Heiko Ludwig, Larisa ShwartzAbstract:IT Service Providers typically must comply with Service level agreements that are part of their usage contracts with customers. Not only IT infrastructure is subject to Service level guarantees such as availability or response time but also Service management processes as defined by the IT Infrastructure Library (ITIL) such as change and incident processes and the fulfillment of Service requests. SLAs relating to Service management processes typically address metrics such as initial response time and fulfillment time. Large Service Providers have the choice of which internal Service delivery team or External Service Provider they assign to parts of a Service process, each Provider having different costs or prices associated with it for different turn-around times at different risk. This choice in QoS and cost of different Service Providers can be used to manage the trade-off between penalty costs and fulfillment cost. This paper proposes a model as a basis for Service Provider choice at process runtime, taking into account the progress of a process so far and the availability of Service capacity at Service suppliers. This model can be used to reduce total Service costs of IT Service Providers deciding on alternative delivery teams and External Service Providers when needed and based on current process performance.
-
management of Service process qos in a Service Provider Service supplier environment
Congress on Evolutionary Computation, 2007Co-Authors: Genady Grabarnik, Heiko Ludwig, Larisa ShwartzAbstract:IT Service Providers typically must comply with Service level agreements that are part of their usage contracts with customers. Not only IT infrastructure is subject to Service level guarantees such as availability or response time but also Service management processes as defined by the IT infrastructure library (ITIL) such as change and incident processes and the fulfillment of Service requests. SLAs relating to Service management processes typically address metrics such as initial response time and fulfillment time. Large Service Providers have the choice of which internal Service delivery team or External Service Provider they assign to atomic processs of a Service process, each of which having different costs or prices associated with it for different turn-around times at different risk. This choice in QoS of different Service Providers can be used to manage the trade-off between penalty costs and fulfillment cost. This paper proposes a model as a basis for Service Provider choice at process request time. This model can be used to reduce total Service costs of IT Service Providers using alternative delivery teams and External Service Providers.
-
CEC/EEE - Management of Service Process QoS in a Service Provider - Service Supplier Environment
The 9th IEEE International Conference on E-Commerce Technology and The 4th IEEE International Conference on Enterprise Computing E-Commerce and E-Serv, 2007Co-Authors: Genady Grabarnik, Heiko Ludwig, Larisa ShwartzAbstract:IT Service Providers typically must comply with Service level agreements that are part of their usage contracts with customers. Not only IT infrastructure is subject to Service level guarantees such as availability or response time but also Service management processes as defined by the IT infrastructure library (ITIL) such as change and incident processes and the fulfillment of Service requests. SLAs relating to Service management processes typically address metrics such as initial response time and fulfillment time. Large Service Providers have the choice of which internal Service delivery team or External Service Provider they assign to atomic processs of a Service process, each of which having different costs or prices associated with it for different turn-around times at different risk. This choice in QoS of different Service Providers can be used to manage the trade-off between penalty costs and fulfillment cost. This paper proposes a model as a basis for Service Provider choice at process request time. This model can be used to reduce total Service costs of IT Service Providers using alternative delivery teams and External Service Providers.
Sara Foresti - One of the best experts on this subject based on the ideXlab platform.
-
Quality of Protection - Measuring Inference Exposure in Outsourced Encrypted Databases
Quality of Protection, 2006Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Pierangela Samarati, Marco VivianiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where an encrypted client's database is stored at an External Service Provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption.
-
metadata management in outsourced encrypted databases
Very Large Data Bases, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
-
StorageSS - Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service (DAS), where an organization's database is stored at an External Service Provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for External use.In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.
-
Secure Data Management - Metadata management in outsourced encrypted databases
Lecture Notes in Computer Science, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
S. De Capitani Di Vimercati - One of the best experts on this subject based on the ideXlab platform.
-
Quality of Protection - Measuring Inference Exposure in Outsourced Encrypted Databases
Quality of Protection, 2006Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Pierangela Samarati, Marco VivianiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where an encrypted client's database is stored at an External Service Provider. Existing proposals for querying encrypted databases are based on the association, with each encrypted tuple, of additional indexing information obtained from the plaintext values of attributes that can be used in the queries. However, the relationship between indexes and data should not open the door to inference and linking attacks that can compromise the protection granted by encryption.
-
metadata management in outsourced encrypted databases
Very Large Data Bases, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
-
StorageSS - Key management for multi-user encrypted databases
Proceedings of the 2005 ACM workshop on Storage security and survivability - StorageSS '05, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service (DAS), where an organization's database is stored at an External Service Provider. In such a scenario, access control is a very important issue, especially if the data owner wishes to publish her data for External use.In this paper, we first present our approach for the implementation of access control through selective encryption. The focus of the paper is then the presentation of the experimental results, which demonstrate the applicability of our proposal.
-
Secure Data Management - Metadata management in outsourced encrypted databases
Lecture Notes in Computer Science, 2005Co-Authors: Ernesto Damiani, S. De Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela SamaratiAbstract:Database outsourcing is becoming increasingly popular introducing a new paradigm, called database-as-a-Service, where a client’s database is stored at an External Service Provider. Outsourcing databases to External Providers promises higher availability and more effective disaster protection than in-house operations. This scenario presents new research challenges on which the usability of the system is based. In particular, one important aspect is the metadata that must be provided to support the proper working of the system. In this paper, we illustrate the metadata that are needed, at the client and server, to store and retrieve mapping information for processing a query issued by a client application to the server storing the outsourced database. We also present an approach to develop an efficient access control technique and the corresponding metadata needed for its enforcement.
