Privacy Preservation and Protection by Extending Generalized Partial Indices

Privacy violation has attracted more and more attention from the public, and privacy preservation has become a hot topic in academic communities, industries and societies. Recent research has been focused on purpose-based techniques and models with little consideration on balancing privacy enhancement and performance. We propose an efficient Privacy Aware Partial Index (PAPI) mechanism based on both the concept of purposes and the theory of partial indices. In the PAPI mechanism, all purposes are independent from each other and organized in a flatten purpose tree($\mathcal{FPT}$). Thus, security administrators can update the flatten purpose tree by adding or deleting purposes. Intended purposes are maintained in PAPI directly. Furthermore, based on the PAPI mechanism, we extend the existing query optimizer and executor to enforce the privacy policies. Finally, the experimental results demonstrate the feasibility and efficiency of the PAPI mechanism.

[1]  David J. DeWitt,et al.  Benchmarking Database Systems A Systematic Approach , 1983, VLDB.

[2]  William I. Gasarch,et al.  A Survey on Private Information Retrieval (Column: Computational Complexity) , 2004, Bull. EATCS.

[3]  Goetz Graefe,et al.  Query evaluation techniques for large databases , 1993, CSUR.

[4]  Elisa Bertino,et al.  Purpose based access control of complex data for privacy protection , 2005, SACMAT '05.

[5]  Fang Chen,et al.  The multilevel relational (MLR) data model , 1998, TSEC.

[6]  Praveen Seshadri,et al.  Generalized partial indexes , 1995, Proceedings of the Eleventh International Conference on Data Engineering.

[7]  Matthias Schunter,et al.  Privacy promises, access control, and privacy management. Enforcing privacy throughout an enterprise by extending access control , 2002, Proceedings. Third International Symposium on Electronic Commerce,.

[8]  Patricia G. Selinger,et al.  Access path selection in a relational database management system , 1979, SIGMOD '79.

[9]  Elisa Bertino,et al.  Micro-views, or on how to protect privacy while enhancing data usability: concepts and challenges , 2006, SGMD.

[10]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[11]  C. Powers Privacy Promises, Access Control, and Privacy Management , 2002 .

[12]  William Gasarch A Survey on Private Information Retrieval , 2004 .

[13]  David J. DeWitt,et al.  Limiting Disclosure in Hippocratic Databases , 2004, VLDB.

[14]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.