Sharif Digital Repository

This paper proposes a horizontal fragmentation method to preserve privacy in data outsourcing. The basic idea is to identify sensitive tuples, anonymize them based on a privacy model and store them at the external server. The remaining non-sensitive tuples are also stored at the server side. While our method departs from using encryption, it outsources all the data to the server; the two important goals that existing methods are unable to achieve simultaneously. The main application of the method is for scenarios where encrypting or not outsourcing sensitive data may not guarantee the privacy  

Recently, there has been shown a great interest in the private set intersection (PSI) protocols which are widely used in social networks applications. In a PSI protocol two entities are able to find the intersection of their document set without inferring more information than the common data. In some PSI protocols the process of finding the intersections of the documents are delegated to a third entity like cloud which has high computational and storage resources and the clients can verify the accuracy of the received results. These protocols are known as the Verifiable Delegated Set Intersection (VDSI). In this paper, we proposed an efficient VDSI protocol by employing the El-Gamal... 

One of the security issues in data outsourcing scenario is the enforcement of data owner's access control policies. This includes some challenges; namely, the number of keys required to access authorized resources, efficient policy updating, write access control enforcement, user and data owner overhead, and preserving confidentiality of data and policies. Most of the existing solutions address only some of the challenges, while they impose high overhead on both the data owner and users. Though, policy management in the Role-Based Access Control (RBAC) model is easier and more efficient due to the existence of role hierarchical structure and role inheritance; most of the existing solutions... 

Researchers have been studying security challenges of database outsourcing for almost a decade. Privacy of outsourced data is one of the main challenges when the "Database As a Service" model is adopted in the service oriented trend of the cloud computing paradigm. This is due to the insecurity of the network environment or even the untrustworthiness of the service providers. This paper proposes a method to preserve privacy of outsourced data based on Shamir's secret sharing scheme. We split attribute values into several parts and distribute them among untrusted servers. The problem of using secret sharing in data outsourcing scenario is how to search efficiently within the randomly... 

Nowadays, data outsourcing has become a solution for many organizations especially large scale enterprises due to the high costs of in-house management of the rapidly growing data. Among all security requirements in this context, user access control and its following dynamic changes are of interest. In this paper, we propose an efficient and reliable mechanism to solve this problem in owner-write-users-read applications. A novel solution is introduced to enforce access control on outsourced data using the Chinese Remainder Theorem. The solution allows updating policy changes at a limited cost in terms of both computational power and the number of users' secret keys. Although the server, on...