Regulatory compliant Oblivious RAM

Bogdan Carbunar; Radu Sion

doi:10.1007/978-3-642-13708-2_27

Regulatory compliant Oblivious RAM

Bogdan Carbunar
, Radu Sion

Computer Science

Motorola

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

We introduce WORM-ORAM, a first mechanism that combines Oblivious RAM (ORAM) access privacy and data confidentiality with Write Once Read Many (WORM) regulatory data retention guarantees. Clients can outsource their database to a server with full confidentiality and data access privacy, and, for data retention, the server ensures client access WORM semantics. In general simple confidentiality and WORM assurances are easily achievable e.g., via an encrypted outsourced data repository with server-enforced read-only access to existing records (albeit encrypted). However, this becomes hard when also access privacy is to be ensured - when client access patterns are necessarily hidden and the server cannot enforce access control directly.WORM-ORAM overcomes this by deploying a set of zero-knowledge proofs to convince the server that all stages of the protocol are WORM-compliant.

Original language	English
Title of host publication	Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings
Pages	456-474
Number of pages	19
DOIs	https://doi.org/10.1007/978-3-642-13708-2_27
State	Published - 2010
Event	8th International Conference on Applied Cryptography and Network Security, ACNS 2010 - Beijing, China Duration: Jun 22 2010 → Jun 25 2010

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6123 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	8th International Conference on Applied Cryptography and Network Security, ACNS 2010
Country/Territory	China
City	Beijing
Period	06/22/10 → 06/25/10

Access to Document

10.1007/978-3-642-13708-2_27

Cite this

Carbunar, B., & Sion, R. (2010). Regulatory compliant Oblivious RAM. In Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings (pp. 456-474). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6123 LNCS). https://doi.org/10.1007/978-3-642-13708-2_27

@inproceedings{48c7c44cd1ff46499a2fa61e45cf0bdf,

title = "Regulatory compliant Oblivious RAM",

abstract = "We introduce WORM-ORAM, a first mechanism that combines Oblivious RAM (ORAM) access privacy and data confidentiality with Write Once Read Many (WORM) regulatory data retention guarantees. Clients can outsource their database to a server with full confidentiality and data access privacy, and, for data retention, the server ensures client access WORM semantics. In general simple confidentiality and WORM assurances are easily achievable e.g., via an encrypted outsourced data repository with server-enforced read-only access to existing records (albeit encrypted). However, this becomes hard when also access privacy is to be ensured - when client access patterns are necessarily hidden and the server cannot enforce access control directly.WORM-ORAM overcomes this by deploying a set of zero-knowledge proofs to convince the server that all stages of the protocol are WORM-compliant.",

author = "Bogdan Carbunar and Radu Sion",

year = "2010",

doi = "10.1007/978-3-642-13708-2\_27",

language = "English",

isbn = "3642137075",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "456--474",

booktitle = "Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings",

note = "8th International Conference on Applied Cryptography and Network Security, ACNS 2010 ; Conference date: 22-06-2010 Through 25-06-2010",

}

Carbunar, B & Sion, R 2010, Regulatory compliant Oblivious RAM. in Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6123 LNCS, pp. 456-474, 8th International Conference on Applied Cryptography and Network Security, ACNS 2010, Beijing, China, 06/22/10. https://doi.org/10.1007/978-3-642-13708-2_27

Regulatory compliant Oblivious RAM. / Carbunar, Bogdan; Sion, Radu.
Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings. 2010. p. 456-474 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6123 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Regulatory compliant Oblivious RAM

AU - Carbunar, Bogdan

AU - Sion, Radu

PY - 2010

Y1 - 2010

N2 - We introduce WORM-ORAM, a first mechanism that combines Oblivious RAM (ORAM) access privacy and data confidentiality with Write Once Read Many (WORM) regulatory data retention guarantees. Clients can outsource their database to a server with full confidentiality and data access privacy, and, for data retention, the server ensures client access WORM semantics. In general simple confidentiality and WORM assurances are easily achievable e.g., via an encrypted outsourced data repository with server-enforced read-only access to existing records (albeit encrypted). However, this becomes hard when also access privacy is to be ensured - when client access patterns are necessarily hidden and the server cannot enforce access control directly.WORM-ORAM overcomes this by deploying a set of zero-knowledge proofs to convince the server that all stages of the protocol are WORM-compliant.

AB - We introduce WORM-ORAM, a first mechanism that combines Oblivious RAM (ORAM) access privacy and data confidentiality with Write Once Read Many (WORM) regulatory data retention guarantees. Clients can outsource their database to a server with full confidentiality and data access privacy, and, for data retention, the server ensures client access WORM semantics. In general simple confidentiality and WORM assurances are easily achievable e.g., via an encrypted outsourced data repository with server-enforced read-only access to existing records (albeit encrypted). However, this becomes hard when also access privacy is to be ensured - when client access patterns are necessarily hidden and the server cannot enforce access control directly.WORM-ORAM overcomes this by deploying a set of zero-knowledge proofs to convince the server that all stages of the protocol are WORM-compliant.

UR - https://www.scopus.com/pages/publications/79956312604

U2 - 10.1007/978-3-642-13708-2_27

DO - 10.1007/978-3-642-13708-2_27

M3 - Conference contribution

AN - SCOPUS:79956312604

SN - 3642137075

SN - 9783642137075

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 456

EP - 474

BT - Applied Cryptography and Network Security - 8th International Conference, ACNS 2010, Proceedings

T2 - 8th International Conference on Applied Cryptography and Network Security, ACNS 2010

Y2 - 22 June 2010 through 25 June 2010

ER -

Regulatory compliant Oblivious RAM

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this