Skip to main content
SpringerLink
Log in

Data Privacy – Problems and Solutions

  • Conference paper
Information Systems Security (ICISS 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4812))

Included in the following conference series:

Abstract

Nowadays, the global information infrastructure connects remote parties worldwide through the use of large scale networks, relying on application level protocols and services such as the World Wide Web. The vast amounts of personal information thus available has led to growing concerns about the privacy of their users. In this paper, we briefly discuss some privacy issues that have to be considered to address the new needs and desiderata of today’s systems and discuss ongoing work.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akl, S., Taylor, P.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer System 1, 239 (1983)

    Article  Google Scholar 

  2. Ardagna, C.A., Damiani, E., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: CAS++: an open source single sign-on solution for secure e-services. In: Proc. of the 21st IFIP TC-11 International Information Security Conference, Karlstad, Sweden (May 2006)

    Google Scholar 

  3. Ardagna, C.A., Damiani, E., Cremonini, M., De Capitani di Vimercati, S., Samarati, P.: Supporting location-based conditions in access control policies. In: ASIACCS 2006. Proc. of the ACM Symposium on InformAtion, Computer and Communications Security, Taipei, Taiwan (March 2006)

    Google Scholar 

  4. Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Trust management. In: Petkovic, M., Jonker, W. (eds.) Security, Privacy and Trust in Modern Data Management, Springer, Heidelberg (2007)

    Google Scholar 

  5. Ardagna, C.A., Damiani, E., De Capitani di Vimercati, S., Samarati, P.: Towards Privacy-Enhanced Authorization Policies and Languages. In: Proc. of the 19th IFIP WG11.3 Working Conference on Data and Application Security, Storrs, Connecticut USA (August 2005)

    Google Scholar 

  6. Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: CCS 2005. Proc. of the 12th ACM conference on Computer and Communications Security, Alexandria, VA, USA (November 2005)

    Google Scholar 

  7. Cimato, S., Gamassi, M., Piuri, V., Sassi, R., Scotti, F.: Privacy issues in biometric identification. Information Security (October 2006)

    Google Scholar 

  8. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: K-anonymity. In: Jajodia, S., Yu, T. (eds.) Security in Decentralized Data Management, Springer, Heidelberg (2007)

    Google Scholar 

  9. Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Microdata protection. In: Jajodia, S., Yu, T. (eds.) Security in Decentralized Data Management, Springer, Heidelberg (2007)

    Google Scholar 

  10. Corallo, A., Cremonini, M., Damiani, E., De Capitani di Vimercati, S., Elia, G., Samarati, P.: Security, privacy, and trust in mobile systems. In: Mobile and Wireless Systems beyond 3G: managing new business opportunities, Idea Group Inc., USA (2004)

    Google Scholar 

  11. Crampton, J., Martin, K., Wild, P.: On key assignment for hierarchical access control. In: CSFW 2006. Proc. of the 19th IEEE Computer Security Foundations Workshop, Venice, Italy (July 2006)

    Google Scholar 

  12. Damiani, E., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Selective data encryption in outsourced dynamic environments. In: VODCA 2006. Proc. of the Second International Workshop on Views On Designing Complex Architectures, Bertinoro, Italy (September 2006)

    Google Scholar 

  13. Damiani, E., De Capitani di Vimercati, S., Jajodia, S., Paraboschi, S., Samarati, P.: Balancing confidentiality and efficiency in untrusted relational DBMSs. In: CCS 2003. Proc. of the 10th ACM Conference on Computer and Communications Security, Washington, DC, USA (October 2003)

    Google Scholar 

  14. De Capitani di Vimercati, S., Samarati, P.: Privacy in the electronic society. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, Springer, Heidelberg (2006) (invited talk)

    Chapter  Google Scholar 

  15. De Capitani di Vimercati, S., Samarati, P.: Protecting privacy in the global infrastructure. In: Proc. of the International Conference on Information Security and Computer Forensics, Chennai, India (December 2006) (invited talk)

    Google Scholar 

  16. De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic key assignment schemes for any access control policy. Inf. Process. Lett. 92(4), 199–205 (2004)

    Article  Google Scholar 

  17. Gudes, E.: The design of a cryptography based secure file system. IEEE Transactions on Software Engineering 6, 411 (1980)

    Article  Google Scholar 

  18. Hacigümüs, H., Iyer, B., Li, C., Mehrotra, S.: Executing SQL over encrypted data in the database-service-provider model. In: Proc. of the ACM SIGMOD 2002, Madison, Wisconsin, USA (June 2002)

    Google Scholar 

  19. Hacigümüs, H., Iyer, B., Mehrotra, S.: Providing database as a service. In: Proc. of 18th International Conference on Data Engineering, San Jose, California, USA (March 2002)

    Google Scholar 

  20. Hacigümüs, H., Iyer, B., Mehrotra, S.: Ensuring integrity of encrypted databases in database as a service model. In: Proc. of the IFIP Conference on Data and Applications Security, Estes Park, Colorado, USA (August 2003)

    Google Scholar 

  21. Harn, L., Lin, H.: A cryptographic key generation scheme for multilevel data security. Computers and Security 9, 539 (1990)

    Article  Google Scholar 

  22. Hwang, M., Yang, W.: Controlling access in large partially ordered hierarchies using cryptographic keys. The Journal of Systems and Software 67, 99 (2003)

    Article  Google Scholar 

  23. Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Transactions on Database Systems 26(2), 214–260 (2001)

    Article  Google Scholar 

  24. Liaw, H.T., Wang, S.J., Lei, C.L.: On the design of a single-key-lock mechanism based on newton’s interpolating polynomial. IEEE Transaction on Software Engineering 15, 1135 (1989)

    Article  Google Scholar 

  25. MacKinnon, S., Taylor, P.D., Meijer, H., Akl, S.G.: An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transactions on Computers 34(9), 797–802 (1985)

    Article  Google Scholar 

  26. Marsit, N., Hameurlain, A., Mammeri, Z., Morvan, F.: Query processing in mobile environments: a survey and open problems. In: DFMA 2005. Proc. of the First Inernational Conference on Distributed Framework for Multimedia Applications, Besancon, France (February 2005)

    Google Scholar 

  27. Sandhu, R.S.: On some cryptographic solutions for access control in a tree hierarchy. In: Proc. of the 1987 Fall Joint Computer Conference on Exploring Technology: Today and Tomorrow, Dallas, Texas, USA (1987)

    Google Scholar 

  28. Sandhu, R.S.: Cryptographic implementation of a tree hierarchy for access control. Information Processing Letters 27, 95 (1988)

    Article  Google Scholar 

  29. Shen, V.R.L., Chen, T.S.: A novel key management scheme based on discrete logarithms and polynomial interpolations. Computer and Security 21, 164 (2002)

    Article  Google Scholar 

  30. van der Horst, T.W., Sundelin, T., Seamons, K.E., Knutson, C.D.: Mobile trust negotiation: Authentication and authorization in dynamic mobile networks. In: Proc. of the Eighth IFIP Conference on Communications and Multimedia Security, Lake Windermere, England (September 2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Tecnologie dell’Informazione, Università degli Studi di Milano, Via Bramante 65 - 26013 Crema (CR), Italy

    Sabrina De Capitani di Vimercati & Pierangela Samarati

Authors
  1. Sabrina De Capitani di Vimercati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pierangela Samarati
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Patrick McDaniel Shyam K. Gupta

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

De Capitani di Vimercati, S., Samarati, P. (2007). Data Privacy – Problems and Solutions. In: McDaniel, P., Gupta, S.K. (eds) Information Systems Security. ICISS 2007. Lecture Notes in Computer Science, vol 4812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77086-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77086-2_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77085-5

  • Online ISBN: 978-3-540-77086-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation