A column-level access control mechanism for database outsourcing service

Abstract

Database outsourcing is emerging today as a successful paradigm allowing data owners to ship  their  data  to  the  external service provider  for the  distribution  of resources. An important problem to be addressed in this paradigm concerns the  protection of outsourced data from unauthorized access even from the service provider’s server, which is not fully trusted. Several encryption  schemes  and  access control mechanisms have been suggested to protect the outsourced data  from unauthorized disclosure. However, by implementing these approaches, data  owners are not capable of controlling and protecting the disclosure of the  individual sensitive  attributes of their data. Therefore, we propose a  new column-level access control mechanism that is based on subkeys, which would allow a  data owner to further control the access to his data at the column-level. We also propose a new mechanism to efficiently reduce the number of keys maintained by a data owner in cases when the users have different access privileges to different columns of the data being shared.