© 2011

Preserving Privacy in Data Outsourcing


Part of the Advances in Information Security book series (ADIS, volume 51)

Table of contents

  1. Front Matter
    Pages i-xv
  2. Sara Foresti
    Pages 1-7
  3. Sara Foresti
    Pages 9-30
  4. Sara Foresti
    Pages 171-174
  5. Back Matter
    Pages 175-180

About this book


Privacy requirements have an increasing impact on the realization of modern applications. Commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external parties. Current approaches encrypt sensitive data, thus reducing query execution efficiency and preventing selective information release.

Preserving Privacy in Data Outsourcing presents a comprehensive approach for protecting highly sensitive information when it is stored on systems that are not under the data owner's control. The approach illustrated combines access control and encryption, enforcing access control via structured encryption. This solution, coupled with efficient algorithms for key derivation and distribution, provides efficient and secure authorization management on outsourced data, allowing the data owner to outsource not only the data but the security policy itself. To reduce the amount of data to be encrypted the book also investigates data fragmentation as a possible way to protect privacy of data associations and provide fragmentation as a complementary means for protecting privacy: associations broken by fragmentation will be visible only to users authorized (by knowing the proper key) to join fragments. The book finally investigates the problem of executing queries over possible data distributed at different servers and which must be controlled to ensure sensitive information and sensitive associations be visible only to parties authorized for that. Case Studies are provided throughout the book.

Privacy, data mining, data protection, data outsourcing, electronic commerce, machine learning professionals and others working in these related fields will find this book a valuable asset, as well as primary associations such as ACM, IEEE and Management Science. This book is also suitable for advanced level students and researchers concentrating on computer science as a secondary text or reference book.


access control currentjm data mining data model data outsourcing data protection data security distributed encryption privacy security systems teletalk (?)

Authors and affiliations

  1. 1.Dipto. Tecnologie dell'informazioneUniversità di MilanoCremaItaly

Bibliographic information

Industry Sectors
Chemical Manufacturing
IT & Software
Consumer Packaged Goods
Finance, Business & Banking
Energy, Utilities & Environment