Fragmentation in Presence of Data Dependencies

Fragmentation has been recently proposed as a promising approach to protect the confidentiality of sensitive associations whenever data need to undergo external release or storage. By splitting attributes among different fragments, fragmentation guarantees confidentiality of the associations among these attributes under the assumption that such associations cannot be reconstructed by re-combining the fragments. We note that the requirement that fragments do not have attributes in common, imposed by previous proposals, is only a necessary, but not sufficient, condition to ensure that information in different fragments cannot be recombined as dependencies may exist among data enabling some form of linkability. In this paper, we identify the problem of improper information leakage due to data dependencies, provide a formulation of the problem based on a natural graphical modeling, and present an approach to tackle it in an efficient and scalable way.

[1]  Sushil Jajodia,et al.  Balancing confidentiality and efficiency in untrusted relational DBMSs , 2003, CCS '03.

[2]  Murat Kantarcioglu,et al.  Secure multidimensional range queries over outsourced data , 2012, The VLDB Journal.

[3]  Sushil Jajodia,et al.  Enforcing Subscription-Based Authorization Policies in Cloud Scenarios , 2012, DBSec.

[4]  Vijay Varadharajan,et al.  A flexible cryptographic approach for secure data storage in the cloud using role-based access control , 2012, Int. J. Cloud Comput..

[5]  Lilian Mitrou,et al.  Which side are you on? A new Panopticon vs. privacy , 2013, 2013 International Conference on Security and Cryptography (SECRYPT).

[6]  Vijayalakshmi Atluri,et al.  UICDS-based information sharing among emergency response application systems , 2011, dg.o '11.

[7]  Sabrina De Capitani di Vimercati,et al.  An OBDD approach to enforce confidentiality and visibility constraints in data publishing , 2012, J. Comput. Secur..

[8]  Jaideep Vaidya Privacy in the context of digital government , 2012, dg.o '12.

[9]  Sushil Jajodia,et al.  On information leakage by indexes over data fragments , 2013, 2013 IEEE 29th International Conference on Data Engineering Workshops (ICDEW).

[10]  Vipin Swarup,et al.  Everybody Share: The Challenge of Data-Sharing Systems , 2008, Computer.

[11]  Rajeev Motwani,et al.  Two Can Keep A Secret: A Distributed Architecture for Secure Database Services , 2005, CIDR.

[12]  Jian Pei,et al.  Correlation hiding by independence masking , 2010, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[13]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[14]  Vincenzo Piuri,et al.  Fault Tolerance Management in Cloud Computing: A System-Level Perspective , 2013, IEEE Systems Journal.

[15]  Dimitris Gritzalis,et al.  A Cloud Provider-Agnostic Secure Storage Protocol , 2010, CRITIS.

[16]  Peter J. Stuckey,et al.  Programming with Constraints: An Introduction , 1998 .

[17]  Lingyu Wang,et al.  k-jump strategy for preserving privacy in micro-data disclosure , 2010, ICDT '10.

[18]  Sushil Jajodia,et al.  Extending Loose Associations to Multiple Fragments , 2013, DBSec.

[19]  Dimitris Gritzalis,et al.  The Insider Threat in Cloud Computing , 2011, CRITIS.

[20]  Sushil Jajodia,et al.  Private data indexes for selective access to outsourced data , 2011, WPES '11.

[21]  Sushil Jajodia,et al.  Fragments and loose associations , 2010, Proc. VLDB Endow..

[22]  Sushil Jajodia,et al.  Selective data outsourcing for enforcing privacy , 2011, J. Comput. Secur..

[23]  Wendy Hui Wang,et al.  Privacy-Preserving Publishing Data with Full Functional Dependencies , 2010, DASFAA.

[24]  Jaideep Vaidya,et al.  Privacy-preserving Collaborative Filtering for the Cloud , 2011, 2011 IEEE Third International Conference on Cloud Computing Technology and Science.

[25]  Hakan Hacigümüs,et al.  Executing SQL over encrypted data in the database-service-provider model , 2002, SIGMOD '02.

[26]  Yingjiu Li,et al.  Privacy Risk Assessment with Bounds Deduced from Bounds , 2011, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[27]  Joachim Biskup,et al.  Database Fragmentation with Encryption: Under Which Semantic Constraints and A Priori Knowledge Can Two Keep a Secret? , 2013, DBSec.

[28]  Sabrina De Capitani di Vimercati,et al.  Minimal data upgrading to prevent inference and association attacks , 1999, PODS '99.

[29]  Sushil Jajodia,et al.  Fragmentation Design for Efficient Query Execution over Sensitive Distributed Databases , 2009, 2009 29th IEEE International Conference on Distributed Computing Systems.

[30]  Sushil Jajodia,et al.  Combining fragmentation and encryption to protect privacy in data storage , 2010, TSEC.

[31]  Vijay Varadharajan,et al.  TREASURE: Trust Enhanced Security for Cloud Environments , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[32]  Markus Triska Generalising Constraint Solving over Finite Domains , 2008, ICLP.

[33]  Ravi Jhawar,et al.  Chapter 7 – Fault Tolerance and Resilience in Cloud Computing Environments , 2013 .

[34]  Sushil Jajodia,et al.  Key management for multi-user encrypted databases , 2005, StorageSS '05.

[35]  Vincenzo Piuri,et al.  Supporting Security Requirements for Resource Management in Cloud Computing , 2012, 2012 IEEE 15th International Conference on Computational Science and Engineering.

[36]  Sushil Jajodia,et al.  The inference problem: a survey , 2002, SKDD.

[37]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[38]  Sabrina De Capitani di Vimercati,et al.  Data protection in outsourcing scenarios: issues and directions , 2010, ASIACCS '10.

[39]  Joachim Biskup,et al.  On the Inference-Proofness of Database Fragmentation Satisfying Confidentiality Constraints , 2011, ISC.

[40]  Edward P. K. Tsang,et al.  Foundations of constraint satisfaction , 1993, Computation in cognitive science.

[41]  Lilian Mitrou,et al.  Can We Trust This User? Predicting Insider's Attitude via YouTube Usage Profiling , 2013, 2013 IEEE 10th International Conference on Ubiquitous Intelligence and Computing and 2013 IEEE 10th International Conference on Autonomic and Trusted Computing.