Trusting third-party storage providers for holding personal information. A context-based approach to protect identity-related data in untrusted domains


Abstract
The never ending growth of digital information and the availability of low-cost storage facilities and networks capacity is leading users towards moving their data to remote storage resources. Since users’ data often holds identity-related information, several privacy issues arise when data can be stored in untrusted domains. In addition digital identity management is becoming extremely complicated due to the identity replicas proliferation necessary to get authentication in different domains. GMail and Amazon Web Services, for instance, are two examples of online services adopted by million of users throughout the world which hold huge amounts of sensitive users data. State-of-the-art encryption tools for large-scale distributed infrastructures allow users to encrypt content locally before storing it on a remote untrusted repository. This approach can experience performance drawbacks, when very large data-sets must be encrypted/decrypted on a single machine. The proposed approach extends the existing solutions by providing two additional features: (1) the encryption can also be delegated to a pool of remote trusted computing resources, and (2) the definition of the encryption context which drives the tool to select the best strategy to process the data. The performance benchmarks are based on the results of tests carried out both on a local workstation and on the Grid INFN Laboratory for Dissemination Activities (GILDA) testbed.
Keywords Distributed computing  Distributed storage  Secure data storage  Parallelized encryption  Grid computing  Sensitive data  Digital identity
Categories (categorize this paper)
DOI 10.1007/s12394-009-0033-3
Options
Edit this record
Mark as duplicate
Export citation
Find it on Scholar
Request removal from index
Revision history

Download options

Our Archive


Upload a copy of this paper     Check publisher's policy     Papers currently archived: 47,443
Through your library

References found in this work BETA

No references found.

Add more references

Citations of this work BETA

No citations found.

Add more citations

Similar books and articles

A persistent data tracking mechanism for user-centric identity governance.Hidehito Gomi - 2010 - Identity in the Information Society 3 (3):639-656.
Trust and privacy in the future internet—a research perspective.Dirk van Rooy & Jacques Bus - 2010 - Identity in the Information Society 3 (2):397-404.
Information Ethics and the Law of Data Representations.Dan L. Burk - 2008 - Ethics and Information Technology 10 (2-3):135-147.
Ethical Issues in Web Data Mining.Lita van Wel & Lambèr Royakkers - 2004 - Ethics and Information Technology 6 (2):129-140.
Social Web and Identity: A Likely Encounter. [REVIEW]Thierry Nabeth - 2009 - Identity in the Information Society 2 (1):1-5.

Analytics

Added to PP index
2010-12-05

Total views
32 ( #291,695 of 2,292,058 )

Recent downloads (6 months)
4 ( #299,447 of 2,292,058 )

How can I increase my downloads?

Downloads

My notes

Sign in to use this feature