Preserving Privacy in Data Outsourcing

In this book, the authorhas taken a comprehensive approach for protecting sensitive information when it is stored on systems that are not under the data owner’s control. There aremainly three security requirements that need to be considered when designing a system for ensuring con?dentiality of data stored and managed by a honest-but-curious server. The ?rst requirement is access control enforcement to limit the ability of authorized users to access system’s resources.The second requirement is privacy protection to limit the visibility of stored/published data to non authorized users while minimizing the adoption of encryption. Data collections often contain personally identi?able information that needs to be protected both at storage and when disseminated toother parties. The third requirement is safe data integration to limit the ability of authorized users to exchange data for distributed query evaluation.In this book, author address all these three security requirements by de?ning a model and a mechanism for enforcing access control on outsourced data; by introducing a fragmentation and encryption approach for enforcing privacy constraints; and by designing a technique for regulating data ?ows among different parties.