In the past few years, outsourcing private data to untrusted servers has become an important challenge. This raises severe questions concerning the security and privacy of the data on the external storage. In this paper we consider a scenario where multiple clients want to share data on a server, while hiding all access patterns. We propose here a first solution to this problem based on Oblivious RAM (ORAM) techniques. Data owners can delegate rights to external new clients enabling them to privately access portions of the outsourced data served by a curious server. Our solution is as efficient as the underlying ORAM constructs and allows for delegated read or write access while ensuring strong guarantees for the privacy of the outsourced data. The server does not learn anything about client access patterns while clients do not learn anything more than what their delegated rights permit.
|Number of pages||14|
|Publication status||Published - 4 Mar 2011|
|Event||15th International Conference on Financial Cryptography and Data Security, FC 2011 - Gros Islet, St. Lucia|
Duration: 28 Feb 2011 → 4 Mar 2011
|Conference||15th International Conference on Financial Cryptography and Data Security, FC 2011|
|Period||28/02/11 → 4/03/11|
|Other||28 February - 04 March 2011|