Regulatory compliant Oblivious RAM Conference

Carbunar, B, Sion, R. (2010). Regulatory compliant Oblivious RAM . LECTURE NOTES IN COMPUTER SCIENCE, 6123 LNCS 456-474. 10.1007/978-3-642-13708-2_27

cited authors

  • Carbunar, B; Sion, R

authors

abstract

  • We introduce WORM-ORAM, a first mechanism that combines Oblivious RAM (ORAM) access privacy and data confidentiality with Write Once Read Many (WORM) regulatory data retention guarantees. Clients can outsource their database to a server with full confidentiality and data access privacy, and, for data retention, the server ensures client access WORM semantics. In general simple confidentiality and WORM assurances are easily achievable e.g., via an encrypted outsourced data repository with server-enforced read-only access to existing records (albeit encrypted). However, this becomes hard when also access privacy is to be ensured - when client access patterns are necessarily hidden and the server cannot enforce access control directly.WORM-ORAM overcomes this by deploying a set of zero-knowledge proofs to convince the server that all stages of the protocol are WORM-compliant. © 2010 Springer-Verlag Berlin Heidelberg.

publication date

  • January 1, 2010

published in

Digital Object Identifier (DOI)

start page

  • 456

end page

  • 474

volume

  • 6123 LNCS