Enforcing privacy via access control and data perturbation.

With the increasing availability of large collections of personal and sensitive information to a wide range of user communities, services should take more responsibility for data privacy when disseminating information, which requires data sharing control.

[1]  Sara Foresti,et al.  Preserving Privacy in Data Outsourcing , 2010, Advances in Information Security.

[2]  Marco Gruteser,et al.  USENIX Association , 1992 .

[3]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[4]  P. S. Wang,et al.  Factorization properties of chebyshev polynomials , 2005 .

[5]  Yufei Tao,et al.  Personalized privacy preservation , 2006, Privacy-Preserving Data Mining.

[6]  Mohammed Ketel,et al.  Privacy-preserving mining by rotational data transformation , 2005, ACM-SE 43.

[7]  Ninghui Li,et al.  t-Closeness: Privacy Beyond k-Anonymity and l-Diversity , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[8]  Osmar R. Zaïane,et al.  Achieving Privacy Preservation when Sharing Data for Clustering , 2004, Secure Data Management.

[9]  Ruth Brand,et al.  Microdata Protection through Noise Addition , 2002, Inference Control in Statistical Databases.

[10]  Alessandro Acquisti,et al.  Information revelation and privacy in online social networks , 2005, WPES '05.

[11]  Balachander Krishnamurthy,et al.  Characterizing privacy in online social networks , 2008, WOSN '08.

[12]  Ravi S. Sandhu,et al.  Toward a Usage-Based Security Framework for Collaborative Computing Systems , 2008, TSEC.

[13]  Etienne J. Khayat,et al.  A Formal Model for Parameterized Role-Based Access Control , 2004, Formal Aspects in Security and Trust.

[14]  Jian Pei,et al.  A Survey of Utility-based Privacy-Preserving Data Transformation Methods , 2008, Privacy-Preserving Data Mining.

[15]  Raghu Ramakrishnan,et al.  Privacy Skyline: Privacy with Multidimensional Adversarial Knowledge , 2007, VLDB.

[16]  Hakan Hacigümüs,et al.  Providing database as a service , 2002, Proceedings 18th International Conference on Data Engineering.

[17]  Philip S. Yu,et al.  Template-based privacy preservation in classification problems , 2005, Fifth IEEE International Conference on Data Mining (ICDM'05).

[18]  Traian Marius Truta,et al.  Protection : p-Sensitive k-Anonymity Property , 2006 .

[19]  David J. DeWitt,et al.  Mondrian Multidimensional K-Anonymity , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[20]  Oliver Günther,et al.  Using online services in untrusted environments: a privacy-preserving architecture , 2003, ECIS.

[21]  J. Eckmann,et al.  Iterated maps on the interval as dynamical systems , 1980 .

[22]  Philip S. Yu,et al.  Handicapping attacker's confidence: an alternative to k-anonymization , 2006, Knowledge and Information Systems.

[23]  Q. He A Framework for Modeling Privacy Requirements in Role Engineering , 2003 .

[24]  Marta Teresa Acevedo,et al.  Enterprise security applications of partition rule based access control (PRBAC) , 1997, Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[25]  Yihua Zhang ON DATA UTILITY IN PRIVATE DATA PUBLISHING , 2010 .

[26]  Raymond Chi-Wing Wong,et al.  Privacy-Preserving Data Publishing: An Overview , 2010, Privacy-Preserving Data Publishing: An Overview.

[27]  Vitaly Shmatikov,et al.  De-anonymizing Social Networks , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[28]  Sabah S. Al-Fedaghi,et al.  Beyond Purpose-Based Privacy Access Control , 2007, ADC.

[29]  Yufei Tao,et al.  Anatomy: simple and effective privacy preservation , 2006, VLDB.

[30]  John Riedl,et al.  You are what you say: privacy risks of public mentions , 2006, SIGIR '06.

[31]  Ashwin Machanavajjhala,et al.  Worst-Case Background Knowledge for Privacy-Preserving Data Publishing , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[32]  David S. Rosenblum,et al.  What Anyone Can Know: The Privacy Risks of Social Networking Sites , 2007, IEEE Security & Privacy.

[33]  Gene Tsudik,et al.  A Framework for Efficient Storage Security in RDBMS , 2004, EDBT.

[34]  Wenliang Du,et al.  Deriving private information from randomized data , 2005, SIGMOD '05.

[35]  Xin Jin,et al.  A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC , 2012, DBSec.

[36]  Wenliang Du,et al.  Using randomized response techniques for privacy-preserving data mining , 2003, KDD '03.

[37]  Reihaneh Safavi-Naini,et al.  An Attack on the Privacy of Sanitized Data that Fuses the Outputs of Multiple Data Miners , 2009, 2009 IEEE International Conference on Data Mining Workshops.

[38]  Jian Pei,et al.  Utility-based anonymization using local recoding , 2006, KDD '06.

[39]  Jeroen Doumen,et al.  Using Secret Sharing for Searching in Encrypted Data , 2004, Secure Data Management.

[40]  Vijay S. Iyengar,et al.  Transforming data to satisfy privacy constraints , 2002, KDD.

[41]  Zahir Tari,et al.  Privacy-Aware Granular Data Access Control For Cross-Domain Data Sharing , 2011, PACIS.

[42]  Wei Wang,et al.  Storage and Query over Encrypted Character and Numerical Data in Database , 2005, The Fifth International Conference on Computer and Information Technology (CIT'05).

[43]  Ninghui Li,et al.  Purpose based access control for privacy protection in relational database systems , 2008, The VLDB Journal.

[44]  Laks V. S. Lakshmanan,et al.  Efficient secure query evaluation over encrypted XML databases , 2006, VLDB.

[45]  Keith B. Frikken,et al.  An Index Structure for Private Data Outsourcing , 2011, DBSec.

[46]  Qi Wang,et al.  On the privacy preserving properties of random data perturbation techniques , 2003, Third IEEE International Conference on Data Mining.

[47]  Gene Tsudik,et al.  A Privacy-Preserving Index for Range Queries , 2004, VLDB.

[48]  Amirreza Masoumzadeh,et al.  A secure, constraint-aware role-based access control interoperation framework , 2011, 2011 5th International Conference on Network and System Security.

[49]  Oliver Günther,et al.  Provable Security for Outsourcing Database Operations , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[50]  Eunjee Song,et al.  Privacy-Aware Role Based Access Control Model: Revisited for Multi-Policy Conflict Detection , 2010, 2010 International Conference on Information Science and Applications.

[51]  Eric S. K. Yu,et al.  Role-Based Access Control Requirements Model with Purpose Extension , 2007, WER.

[52]  Sabrina De Capitani di Vimercati,et al.  Data protection in outsourcing scenarios: issues and directions , 2010, ASIACCS '10.

[53]  Kalpana Singh Recovering private data : a comparison of three methods , 2012 .

[54]  Douglas M. Blough,et al.  A robust data obfuscation approach for privacy preserving collaborative filtering , 2006 .

[55]  Ashwin Machanavajjhala,et al.  Privacy-Preserving Data Publishing , 2009, Found. Trends Databases.

[56]  Bo,et al.  An Algorithm for Role Mapping Across Multi-domains Employing RBAC , 2009 .

[57]  Clare-Marie Karat,et al.  Usable security and privacy: a case study of developing privacy management tools , 2005, SOUPS '05.

[58]  Elisa Bertino,et al.  Purpose based access control of complex data for privacy protection , 2005, SACMAT '05.

[59]  M V Patil,et al.  HASBE: A HIERARCHICAL ATTRIBUTE-BASED SOLUTION FOR FLEXIBLE AND SCALABLE ACCESS CONTROL IN CLOUD COMPUTING , 2006 .

[60]  Stanley Robson de Medeiros Oliveira,et al.  Data transformation for privacy-preserving data mining , 2005 .

[61]  Haimonti Dutta,et al.  Analysis of privacy preserving random perturbation techniques: further explorations , 2003, WPES '03.

[62]  Marco Gruteser,et al.  On the Anonymity of Periodic Location Samples , 2005, SPC.

[63]  Qishan Zhang,et al.  A privacy preserving clustering technique using hybrid data transformation method , 2009, 2009 IEEE International Conference on Grey Systems and Intelligent Services (GSIS 2009).

[64]  Jun Gu,et al.  Dynamic Purpose-Based Access Control , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing with Applications.

[65]  Ramakrishnan Srikant,et al.  Order preserving encryption for numeric data , 2004, SIGMOD '04.

[66]  E. Poovammal,et al.  Task Independent Privacy Preserving Data Mining on Medical Dataset , 2009, 2009 International Conference on Advances in Computing, Control, and Telecommunication Technologies.

[67]  Tetsuji Satoh,et al.  Protection of Location Privacy using Dummies for Location-based Services , 2005, 21st International Conference on Data Engineering Workshops (ICDEW'05).

[68]  Kun Liu,et al.  A Survey of Attack Techniques on Privacy-Preserving Data Perturbation Methods , 2008, Privacy-Preserving Data Mining.

[69]  Aziz Mohaisen,et al.  Augmented Rotation‐Based Transformation for Privacy‐Preserving Data Clustering , 2010, ArXiv.

[70]  Alexandre V. Evfimievski,et al.  Privacy preserving mining of association rules , 2002, Inf. Syst..

[71]  Rakesh Bobba,et al.  Using Attribute-Based Access Control to Enable Attribute-Based Messaging , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[72]  Philip S. Yu,et al.  On static and dynamic methods for condensation-based privacy-preserving data mining , 2008, TODS.

[73]  Ling Liu,et al.  A Random Rotation Perturbation Approach to Privacy Preserving Data Classification , 2005 .

[74]  Elisa Bertino,et al.  A Conditional Role-Involved Purpose-Based Access Control Model , 2011, J. Organ. Comput. Electron. Commer..

[75]  Alexandre V. Evfimievski,et al.  Privacy Preserving Information Sharing , 2004 .

[76]  Yufei Tao,et al.  ANGEL: Enhancing the Utility of Generalization for Privacy Preserving Publication , 2009, IEEE Transactions on Knowledge and Data Engineering.

[77]  Bettina Kemme,et al.  Fine-granularity access control in 3-tier laboratory information systems , 2005, 9th International Database Engineering & Application Symposium (IDEAS'05).

[78]  Roberto Tamassia,et al.  A Role and Attribute Based Access Control System Using Semantic Web Technologies , 2007, OTM Workshops.

[79]  Raymond Chi-Wing Wong,et al.  (α, k)-anonymity: an enhanced k-anonymity model for privacy preserving data publishing , 2006, KDD '06.

[80]  Pirjo Moen,et al.  Safeguarding against new privacy threats in inter-enterprise collaboration environments , 2010 .

[81]  Ian T. Foster,et al.  A Flexible Attribute Based Access Control Method for Grid Computing , 2008, Journal of Grid Computing.

[82]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[83]  Marco Gruteser,et al.  Protecting Location Privacy Through Path Confusion , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[84]  Patrick C. K. Hung,et al.  Health Insurance Portability and Accountability Act (HIPPA) Compliant Access Control Model for Web Services , 2006, Int. J. Heal. Inf. Syst. Informatics.

[85]  Stan Matwin,et al.  PEEP- An Information Extraction base approach for Privacy Protection in Email , 2005, CEAS.

[86]  Wei Wang,et al.  Fast Query Over Encrypted Character Data in Database , 2004, International Conference on Computational Intelligence and Security.

[87]  S. Strogatz Nonlinear Dynamics and Chaos: With Applications to Physics, Biology, Chemistry and Engineering , 1995 .

[88]  Philip S. Yu,et al.  A framework for condensation-based anonymization of string data , 2008, Data Mining and Knowledge Discovery.

[89]  David J. DeWitt,et al.  Workload-aware anonymization , 2006, KDD '06.

[90]  David J. DeWitt,et al.  Incognito: efficient full-domain K-anonymity , 2005, SIGMOD '05.

[91]  Philip S. Yu,et al.  Anonymizing Classification Data for Privacy Preservation , 2007, IEEE Transactions on Knowledge and Data Engineering.

[92]  Joachim Biskup,et al.  Reducing inference control to access control for normalized database schemas , 2008, Inf. Process. Lett..

[93]  Charalampos Z. Patrikakis,et al.  Quantifying privacy in terms of entropy for context aware services , 2009 .

[94]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[95]  Sushil Jajodia,et al.  Keep a Few: Outsourcing Data While Maintaining Confidentiality , 2009, ESORICS.

[96]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[97]  Md. Enamul Kabir,et al.  Conditional Purpose Based Access Control Model for Privacy Protection , 2009, ADC.

[98]  Xu Liu,et al.  Attribute mapping for cross-domain access control , 2010, 2010 International Conference on Computer and Information Application.

[99]  Chris Clifton,et al.  Thoughts on k-Anonymization , 2006, 22nd International Conference on Data Engineering Workshops (ICDEW'06).

[100]  Massimo Barbaro,et al.  A Face Is Exposed for AOL Searcher No , 2006 .

[101]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[102]  Pierangela Samarati,et al.  Protecting Information Privacy in the Electronic Society , 2009, SECRYPT.

[103]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[104]  Mohammed Ketel Quantification of a Privacy Preserving Data Mining Transformation , 2006, DMIN.

[105]  Jin-Young Choi,et al.  Formal verification of PAP and EAP-MD5 protocols in wireless networks: FDR model checking , 2004, 18th International Conference on Advanced Information Networking and Applications, 2004. AINA 2004..

[106]  Hua Wang,et al.  Privacy-aware Access Control with Generalization Boundaries , 2009, ACSC.

[107]  Joachim Biskup,et al.  Enforcing Confidentiality in Relational Databases by Reducing Inference Control to Access Control , 2007, ISC.

[108]  Jian Pei,et al.  Preserving Privacy in Social Networks Against Neighborhood Attacks , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[109]  Sushil Jajodia,et al.  Protecting Privacy Against Location-Based Personal Identification , 2005, Secure Data Management.

[110]  Qing Zhang,et al.  Aggregate Query Answering on Anonymized Tables , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[111]  Keke Chen,et al.  A Survey of Multiplicative Perturbation for Privacy-Preserving Data Mining , 2008, Privacy-Preserving Data Mining.

[112]  Lorrie Faith Cranor,et al.  Use of a P3P user agent by early adopters , 2002, WPES '02.

[113]  Amirreza Masoumzadeh,et al.  PuRBAC: Purpose-Aware Role-Based Access Control , 2008, OTM Conferences.

[114]  Paul Glendinning Stability, Instability and Chaos: GLOBAL BIFURCATION THEORY , 1994 .

[115]  Muhammad Nabeel Tahir C-RBAC: Contextual role-based access control model , 2007 .

[116]  Sabah Al-Fedaghi,et al.  Purpose-based Versus Flow-based Access Control for Privacy , 2012 .

[117]  Charu C. Aggarwal On Unifying Privacy and Uncertain Data Models , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[118]  Philip S. Yu,et al.  Top-down specialization for information and privacy preservation , 2005, 21st International Conference on Data Engineering (ICDE'05).

[119]  Philip S. Yu,et al.  Privacy-Preserving Data Mining - Models and Algorithms , 2008, Advances in Database Systems.

[120]  A. S. Sodiya,et al.  Components- Based Access Control Architecture , 2009 .

[121]  John Krumm,et al.  Inference Attacks on Location Tracks , 2007, Pervasive.

[122]  WonYoung Kim,et al.  Simple data transformation method for privacy preserving data re-publication , 2009, 2009 1st IEEE Symposium on Web Society.

[123]  S. Swamynathan,et al.  Purpose Based Access Control for Privacy Protection in Object Relational Database Systems , 2010, 2010 International Conference on Data Storage and Data Engineering.

[124]  Norm Archer,et al.  Electronic Personal Health Record Systems: A Brief Review of Privacy, Security, and Architectural Issues , 2009, 2009 World Congress on Privacy, Security, Trust and the Management of e-Business.

[125]  Dilys Thomas Algorithms and architectures for data privacy , 2007 .

[126]  Lifang Gu,et al.  Privacy-preserving data linkage protocols , 2004, WPES '04.

[127]  Elisa Bertino,et al.  Multi-domain and privacy-aware role based access control in eHealth , 2008, Pervasive 2008.

[128]  Philip S. Yu,et al.  Privacy-preserving data publishing: A survey of recent developments , 2010, CSUR.

[129]  D. Richard Kuhn,et al.  Adding Attributes to Role-Based Access Control , 2010, Computer.

[130]  Dola Barua Location-Based Services for Mobile Telephony: a study of Users' privacy concerns , 2015 .

[131]  Mark Looi,et al.  Secure Authorisation Agent for Cross-Domain Access Control in a Mobile Computing Environment , 2001, ICISC.

[132]  A. Karp,et al.  From ABAC to ZBAC : The Evolution of Access Control Models , 2009 .

[133]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[134]  Elisa Bertino,et al.  Securing XML Documents with Author-X , 2001, IEEE Internet Comput..

[135]  P. Doyle,et al.  Confidentiality, Disclosure and Data Access: Theory and Practical Applications for Statistical Agencies , 2001 .

[136]  Jorge Lobo,et al.  Conditional Privacy-Aware Role Based Access Control , 2007, ESORICS.

[137]  Sabrina De Capitani di Vimercati,et al.  Privacy of Outsourced Data , 2009, PrimeLife.

[138]  Hakan Hacigümüs,et al.  Efficient Execution of Aggregation Queries over Encrypted Relational Databases , 2004, DASFAA.

[139]  Donald F. Towsley,et al.  Resisting structural re-identification in anonymized social networks , 2010, The VLDB Journal.

[140]  Kun Liu,et al.  Random projection-based multiplicative data perturbation for privacy preserving distributed data mining , 2006, IEEE Transactions on Knowledge and Data Engineering.

[141]  Lili Sun,et al.  A purpose based usage access control model , 2010 .

[142]  Paul Ashley,et al.  E-P3P privacy policies and privacy authorization , 2002, WPES '02.

[143]  Elisa Bertino,et al.  Privacy-Preserving Database Systems , 2005, FOSAD.

[144]  Alexandre V. Evfimievski,et al.  Limiting privacy breaches in privacy preserving data mining , 2003, PODS.

[145]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[146]  Adam Meyerson,et al.  On the complexity of optimal K-anonymity , 2004, PODS.

[147]  Ning Zhang,et al.  A Purpose-Based Access Control Model , 2007, Third International Symposium on Information Assurance and Security.

[148]  Roberto J. Bayardo,et al.  Data privacy through optimal k-anonymization , 2005, 21st International Conference on Data Engineering (ICDE'05).

[149]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[150]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[151]  Sushil Jajodia,et al.  Fragmentation and Encryption to Enforce Privacy in Data Storage , 2007, ESORICS.

[152]  Ashwin Machanavajjhala,et al.  l-Diversity: Privacy Beyond k-Anonymity , 2006, ICDE.

[153]  Vitaly Shmatikov,et al.  The cost of privacy: destruction of data-mining utility in anonymized data publishing , 2008, KDD.

[154]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[155]  Emil C. Lupu,et al.  Secure cross-domain data sharing architecture for crisis management , 2010, DRM '10.

[156]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[157]  T. J. Rivlin Chebyshev polynomials : from approximation theory to algebra and number theory , 1990 .

[158]  Jon M. Kleinberg,et al.  Wherefore art thou R3579X? , 2011, Commun. ACM.

[159]  Starr Roxanne Hiltz,et al.  Trust and Privacy Concern Within Social Networking Sites: A Comparison of Facebook and MySpace , 2007, AMCIS.

[160]  Chi-Yin Chow,et al.  A peer-to-peer spatial cloaking algorithm for anonymous location-based service , 2006, GIS '06.

[161]  Dov Dori,et al.  Situation-Based Access Control: Privacy management via modeling of patient data access scenarios , 2008, J. Biomed. Informatics.