{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T00:23:13Z","timestamp":1768522993533,"version":"3.49.0"},"reference-count":24,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2010,7,1]],"date-time":"2010-07-01T00:00:00Z","timestamp":1277942400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["7FP216483"],"award-info":[{"award-number":["7FP216483"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CT-0716323CT-0627493IIS-04300402"],"award-info":[{"award-number":["CT-0716323CT-0627493IIS-04300402"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000181","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-07-1-0527FA9550-08-1-0157"],"award-info":[{"award-number":["FA9550-07-1-0527FA9550-08-1-0157"]}],"id":[{"id":"10.13039\/100000181","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2010,7]]},"abstract":"<jats:p>The impact of privacy requirements in the development of modern applications is increasing very quickly. Many commercial and legal regulations are driving the need to develop reliable solutions for protecting sensitive information whenever it is stored, processed, or communicated to external parties. To this purpose, encryption techniques are currently used in many scenarios where data protection is required since they provide a layer of protection against the disclosure of personal information, which safeguards companies from the costs that may arise from exposing their data to privacy breaches. However, dealing with encrypted data may make query processing more expensive.<\/jats:p>\n                  <jats:p>In this article, we address these issues by proposing a solution to enforce the privacy of data collections that combines data fragmentation with encryption. We model privacy requirements as confidentiality constraints expressing the sensitivity of attributes and their associations. We then use encryption as an underlying (conveniently available) measure for making data unintelligible while exploiting fragmentation as a way to break sensitive associations among attributes. We formalize the problem of minimizing the impact of fragmentation in terms of number of fragments and their affinity and present two heuristic algorithms for solving such problems. We also discuss experimental results, comparing the solutions returned by our heuristics with respect to optimal solutions, which show that the heuristics, while guaranteeing a polynomial-time computation cost are able to retrieve solutions close to optimum.<\/jats:p>","DOI":"10.1145\/1805974.1805978","type":"journal-article","created":{"date-parts":[[2010,8,2]],"date-time":"2010-08-02T09:15:22Z","timestamp":1280740522000},"page":"1-33","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":143,"title":["Combining fragmentation and encryption to protect privacy in data storage"],"prefix":"10.1145","volume":"13","author":[{"given":"Valentina","family":"Ciriani","sequence":"first","affiliation":[{"name":"Universit\u00e0 degli Studi di Milano, Crema, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sabrina De Capitani Di","family":"Vimercati","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Milano, Crema, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sara","family":"Foresti","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Milano, Crema, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sushil","family":"Jajodia","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, VA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefano","family":"Paraboschi","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Bergamo, Dalmine, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pierangela","family":"Samarati","sequence":"additional","affiliation":[{"name":"Universit\u00e0 degli Studi di Milano, Crema, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2010,7,30]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Proceedings of the Conference on Innovative Data Systems Research. http:\/\/www.cidrdb.org\/.","author":"Aggarwal G.","unstructured":"Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., and Xu, Y. 2005. Two can keep a secret: A distributed architecture for secure database services. In Proceedings of the Conference on Innovative Data Systems Research. http:\/\/www.cidrdb.org\/."},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ipl.2007.09.007"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.5555\/2396231.2396269"},{"key":"e_1_2_1_4_1","unstructured":"CA SB 1386. 2002. California senate bill SB 1386."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1053283.1053289"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/275487.275492"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/2393847.2393864"},{"key":"e_1_2_1_8_1","volume-title":"S., Foresti, S.","author":"Ciriani V.","year":"2007","unstructured":"Ciriani, V., De Capitani di Vimercati, S., Foresti, S., and Samarati, P. 2007b. k-Anonymity. In Secure Data Management in Decentralized Systems, T. Yu and S. Jajodia, Eds. Springer-Verlag, Berlin."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948124"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1006\/jcss.2001.1807"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","unstructured":"Garey M. R. and Johnson D. S. 1979. Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman New York.","DOI":"10.5555\/578533"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/876875.879015"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/564691.564717"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/645727.667512"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0196-6774(03)00077-4"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1994.2209"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/67544.66966"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","unstructured":"\u00d6zsu M. T. and Valduriez P. 1999. Principles of Distributed Database Systems 2nd Ed. Prentice-Hall Upper Saddle River NJ.","DOI":"10.5555\/293457"},{"key":"e_1_2_1_19_1","unstructured":"Personal Data Protection Code. 2003. Legislative Decree no. 196."},{"key":"e_1_2_1_20_1","unstructured":"PICDSS. 2006. Payment Card Industry (PCI) data security standard. https:\/\/www. pcisecuritystandards.org\/pdfs\/pci dss v1-1.pdf."},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/69.971193"},{"key":"e_1_2_1_22_1","volume-title":"Applied Cryptography","author":"Schneier B.","unstructured":"Schneier, B. 1996. Applied Cryptography 2nd Ed. John Wiley &amp; Sons, New York.","edition":"2"},{"key":"e_1_2_1_23_1","volume-title":"Proceedings of the 7th International Information Security Conference. Springer","author":"Trouessin G.","unstructured":"Trouessin, G., Fabre, J. C., and Deswarte, Y. 1991. Reliable processing of confidential information. In Proceedings of the 7th International Information Security Conference. Springer, Berlin."},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1182635.1164140"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1805974.1805978","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1805974.1805978","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1805974.1805978","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T09:23:36Z","timestamp":1763457816000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1805974.1805978"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,7]]},"references-count":24,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,7]]}},"alternative-id":["10.1145\/1805974.1805978"],"URL":"https:\/\/doi.org\/10.1145\/1805974.1805978","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"value":"1094-9224","type":"print"},{"value":"1557-7406","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,7]]},"assertion":[{"value":"2008-06-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-07-01","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2010-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}