
2015 | OriginalPaper | Book chapter

Query Monitoring and Analysis for Database Privacy - A Security Automata Model Approach

Written by: Anand Kumar, Jay Ligatti, Yi-Cheng Tu

Published in: Web Information Systems Engineering – WISE 2015

Publisher: Springer International Publishing


Abstract

Privacy and usage restriction issues are important when valuable data are exchanged or acquired by different organizations. Standard access control mechanisms either restrict or completely grant access to valuable data. On the other hand, data obfuscation limits the overall usability and may result in loss of total value. There are no standard policy enforcement mechanisms for data acquired through mutual and copyright agreements. In practice, many different types of policies can be enforced in protecting data privacy. Hence there is a need for a unified framework that encapsulates multiple suites of policies to protect the data.
We present our vision of an architecture named security automata model (SAM) to enforce privacy-preserving policies and usage restrictions. SAM analyzes the input queries and their outputs to enforce various policies, liberating data owners from the burden of monitoring data access. SAM allows administrators to specify various policies and enforces them to monitor queries and control the data access. Our goal is to address the problems of data usage control and protection through privacy policies that can be defined, enforced, and integrated with the existing access control mechanisms using SAM. In this paper, we lay out the theoretical foundation of SAM, which is based on automata named Mandatory Result Automata. We also discuss the major challenges of implementing SAM in a real-world database environment as well as ideas to meet such challenges.
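
The abstract's central idea, a monitor that analyzes input queries and their outputs and keeps state between them, sketched as an added example (not code from the paper or from SAM). The two policies (restricted columns, a per-user row budget), the names `QueryMonitor`, `HIDDEN` and `ROW_BUDGET`, and the `patients` table are assumptions made for illustration.

```python
import sqlite3

HIDDEN = {("patients", "ssn")}   # assumed policy: columns never released
ROW_BUDGET = 4                   # assumed policy: rows one user may receive in total
ALLOWED = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ, sqlite3.SQLITE_FUNCTION}

class QueryMonitor:
    """Illustrative monitor: checks each query on the way in, each result on the way out."""

    def __init__(self, conn):
        self.conn = conn
        self.released = {}       # monitor state: user -> rows already returned
        self.denied = None       # reason recorded by the input-side check
        conn.set_authorizer(self._check_input)

    def _check_input(self, action, arg1, arg2, dbname, source):
        # Called by SQLite while compiling the statement, before any row is read.
        if action not in ALLOWED:
            self.denied = "only read-only queries are permitted"
        elif action == sqlite3.SQLITE_READ and (arg1, arg2) in HIDDEN:
            self.denied = f"column {arg1}.{arg2} is restricted"
        return sqlite3.SQLITE_DENY if self.denied else sqlite3.SQLITE_OK

    def query(self, user, sql, params=()):
        self.denied = None
        try:
            rows = self.conn.execute(sql, params).fetchall()
        except sqlite3.DatabaseError:
            if self.denied is None:
                raise            # genuine SQL error, not a policy decision
            return {"ok": False, "reason": self.denied, "rows": []}
        # Output-side check: the result is inspected before the application sees it.
        used = self.released.get(user, 0)
        if used + len(rows) > ROW_BUDGET:
            return {"ok": False, "reason": "row budget exceeded", "rows": []}
        self.released[user] = used + len(rows)
        return {"ok": True, "reason": None, "rows": rows}

def demo_monitor():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE patients (id INTEGER, ssn TEXT, age INTEGER)")
    # Constructed sample rows.
    conn.executemany("INSERT INTO patients VALUES (?, ?, ?)",
                     [(i, f"000-00-{i:04d}", 30 + i) for i in range(1, 6)])
    conn.commit()
    return QueryMonitor(conn)    # authorizer installed only after setup
```

Because the input check runs in SQLite's statement compiler, a restricted column is refused wherever it is referenced, including in a `WHERE` clause, rather than only when it appears in the select list.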


Footnotes

1. Technically, these policies are called “properties” in the literature on formal security models [10, 11, 17].

References
1. Adam, N.R., Worthmann, J.C.: Security-control methods for statistical databases: a comparative study. ACM Comput. Surv. 21(4), 515–556 (1989)
2. Agrawal, R., Srikant, R., Thomas, D.: Privacy preserving OLAP. In: Proceedings of the International Conference on Management of Data, SIGMOD, pp. 251–262 (2005)
3. Denning, D.E., Schlörer, J.: A fast procedure for finding a tracker in a statistical database. ACM Trans. Database Syst. 5(1), 88–102 (1980)
4. Dobkin, D., Jones, A.K., Lipton, R.J.: Secure databases: protection against user influence. ACM Trans. Database Syst. 4(1), 97–106 (1979)
5. Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)
6. Fabbri, D., LeFevre, K.: Explanation-based auditing. Proc. VLDB Endow. 5(1), 1–12 (2011)
7. Fellegi, I.P., Phillips, J.J.: Statistical confidentiality: some theory and application to data dissemination. Am. Econ. Soc. Measures 3(2), 101–112 (1974)
8. Hasan, R., Winslett, M.: Efficient audit-based compliance for relational data retention. In: Symposium on Information, Computer and Communications Security, pp. 238–248 (2011)
9. Kushida, C., Nichols, D., Jadrnicek, R., Miller, R., Walsh, J., Griffin, K.: Strategies for de-identification and anonymization of electronic health record data for use in multicenter research studies. Med. Care 50, S82–S101 (2012)
10. Ligatti, J., Bauer, L., Walker, D.: Run-time enforcement of nonsafety policies. ACM Trans. Inf. Syst. Secur. 12(3), 1–41 (2009)
11. Ligatti, J., Reddy, S.: A theory of runtime enforcement, with results. In: Proceedings of the 15th European Conference on Research in Computer Security, pp. 87–100 (2010)
12. McSherry, F.D.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the International Conference on Management of Data, SIGMOD, pp. 19–30 (2009)
13. Mohan, P., Thakurta, A., Shi, E., Song, D., Culler, D.: Gupt: privacy preserving data analysis made easy. In: Proceedings of the International Conference on Management of Data, SIGMOD, pp. 349–360 (2012)
14. Muralidhar, K., Batra, D., Kirs, P.J.: Accessibility, security, and accuracy in statistical databases: the case for the multiplicative fixed data perturbation approach. Manage. Sci. 41(9), 1549–1564 (1995)
15. Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: Proceedings of the Symposium on Security and Privacy, S&P, pp. 111–125 (2008)
16. Roy, I., Setty, S.T.V., Kilzer, A., Shmatikov, V., Witchel, E.: Airavat: security and privacy for mapreduce. In: Proceedings of the Conference on Networked Systems Design and Implementation, NSDI, p. 20 (2010)
17. Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)
18. Upadhyaya, P., Anderson, N.R., Balazinska, M., Howe, B., Kaushik, R., Ramamurthy, R., Suciu, D.: Stop that query! the need for managing data use. In: Conference on Innovative Data Systems Research (2013)

Metadata
Title
Query Monitoring and Analysis for Database Privacy - A Security Automata Model Approach
Written by
Anand Kumar
Jay Ligatti
Yi-Cheng Tu
Copyright year
2015
DOI
https://doi.org/10.1007/978-3-319-26187-4_42