Abstract
Nowadays, the global information infrastructure connects remote parties worldwide through the use of large scale networks, relying on application level protocols and services such as the World Wide Web. The vast amounts of personal information thus available has led to growing concerns about the privacy of their users. In this paper, we briefly discuss some privacy issues that have to be considered to address the new needs and desiderata of today’s systems and discuss ongoing work.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Akl, S., Taylor, P.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer System 1, 239 (1983)
Ardagna, C.A., Damiani, E., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: CAS++: an open source single sign-on solution for secure e-services. In: Proc. of the 21st IFIP TC-11 International Information Security Conference, Karlstad, Sweden (May 2006)
Ardagna, C.A., Damiani, E., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: Supporting location-based conditions in access control policies. In: ASIACCS 2006. Proc. of the ACM Symposium on InformAtion, Computer and Communications Security, Taipei, Taiwan (March 2006)
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Trust management. In: Petkovic, M., Jonker, W. (eds.) Security, Privacy and Trust in Modern Data Management, Springer, Heidelberg (2007)
Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Towards Privacy-Enhanced Authorization Policies and Languages. In: Proc. of the 19th IFIP WG11.3 Working Conference on Data and Application Security, Storrs, Connecticut USA (August 2005)
Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: CCS 2005. Proc. of the 12th ACM conference on Computer and Communications Security, Alexandria, VA, USA (November 2005)
Cimato, S., Gamassi, M., Piuri, V., Sassi, R., Scotti, F.: Privacy issues in biometric identification. Information Security (October 2006)
Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: K-anonymity. In: Jajodia, S., Yu, T. (eds.) Security in Decentralized Data Management, Springer, Heidelberg (2007)
Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Microdata protection. In: Jajodia, S., Yu, T. (eds.) Security in Decentralized Data Management, Springer, Heidelberg (2007)
Corallo, A., Cremonini, M., Damiani, E., De Capitani di Vimercati, S., Elia, G., Samarati, P.: Security, privacy, and trust in mobile systems. In: Mobile and Wireless Systems beyond 3G: managing new business opportunities, Idea Group Inc., USA (2004)
Crampton, J., Martin, K., Wild, P.: On key assignment for hierarchical access control. In: CSFW 2006. Proc. of the 19th IEEE Computer Security Foundations Workshop, Venice, Italy (July 2006)
Damiani, E., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data encryption in outsourced dynamic environments. In: VODCA 2006. Proc. of the Second International Workshop on Views On Designing Complex Architectures, Bertinoro, Italy (September 2006)
Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: CCS 2003. Proc. of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA (October 2003)
De Capitani di Vimercati, S., Samarati, P.: Privacy in the electronic society. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, Springer, Heidelberg (2006) (invited talk)
De Capitani di Vimercati, S., Samarati, P.: Protecting privacy in the global infrastructure. In: Proc. of the International Conference on Information Security and Computer Forensics, Chennai, India (December 2006) (invited talk)
De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic key assignment schemes for any access control policy. Inf. Process. Lett. 92(4), 199–205 (2004)
Gudes, E.: The design of a cryptography based secure file system. IEEE Transactions on Software Engineering 6, 411 (1980)
Hacigümüs, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proc. of the ACM SIGMOD 2002, Madison, Wisconsin, USA (June 2002)
Hacigümüs, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proc. of 18th International Conference on Data Engineering, San Jose, California, USA (March 2002)
Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring integrity of encrypted databases in database as a service model. In: Proc. of the IFIP Conference on Data and Applications Security, Estes Park, Colorado, USA (August 2003)
Harn, L., Lin, H.: A cryptographic key generation scheme for multilevel data security. Computers and Security 9, 539 (1990)
Hwang, M., Yang, W.: Controlling access in large partially ordered hierarchies using cryptographic keys. The Journal of Systems and Software 67, 99 (2003)
Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Transactions on Database Systems 26(2), 214–260 (2001)
Liaw, H.T., Wang, S.J., Lei, C.L.: On the design of a single-key-lock mechanism based on newton’s interpolating polynomial. IEEE Transaction on Software Engineering 15, 1135 (1989)
MacKinnon, S., Taylor, P.D., Meijer, H., Akl, S.G.: An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transactions on Computers 34(9), 797–802 (1985)
Marsit, N., Hameurlain, A., Mammeri, Z., Morvan, F.: Query processing in mobile environments: a survey and open problems. In: DFMA 2005. Proc. of the First Inernational Conference on Distributed Framework for Multimedia Applications, Besancon, France (February 2005)
Sandhu, R.S.: On some cryptographic solutions for access control in a tree hierarchy. In: Proc. of the 1987 Fall Joint Computer Conference on Exploring Technology: Today and Tomorrow, Dallas, Texas, USA (1987)
Sandhu, R.S.: Cryptographic implementation of a tree hierarchy for access control. Information Processing Letters 27, 95 (1988)
Shen, V.R.L., Chen, T.S.: A novel key management scheme based on discrete logarithms and polynomial interpolations. Computer and Security 21, 164 (2002)
van der Horst, T.W., Sundelin, T., Seamons, K.E., Knutson, C.D.: Mobile trust negotiation: Authentication and authorization in dynamic mobile networks. In: Proc. of the Eighth IFIP Conference on Communications and Multimedia Security, Lake Windermere, England (September 2004)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
De Capitani di Vimercati, S., Samarati, P. (2007). Data Privacy – Problems and Solutions. In: McDaniel, P., Gupta, S.K. (eds) Information Systems Security. ICISS 2007. Lecture Notes in Computer Science, vol 4812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77086-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-77086-2_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77085-5
Online ISBN: 978-3-540-77086-2
eBook Packages: Computer ScienceComputer Science (R0)