
2004 | Book

Secure Data Management

VLDB 2004 Workshop, SDM 2004, Toronto, Canada, August 30, 2004. Proceedings

Edited by: Willem Jonker, Milan Petković

Publisher: Springer Berlin Heidelberg

Book series: Lecture Notes in Computer Science


About this book

Concepts like ubiquitous computing and ambient intelligence that exploit increasingly interconnected networks and mobility put new requirements on data management. An important element in the connected world is that data will be accessible anytime, anywhere. This also has its downside in that it becomes easier to get unauthorized data access. Furthermore, it will become easier to collect, store, and search personal information and endanger people's privacy. As a result, security and privacy of data become more and more of an issue. Therefore, secure data management, which is also privacy-enhanced, turns out to be a challenging goal that will also seriously influence the acceptance of ubiquitous computing and ambient intelligence concepts by society. With the above in mind, we organized the SDM 2004 workshop to initiate and promote secure data management as one of the important interdisciplinary research fields that brings together people from the security research community and the data management research community. The call for papers attracted 28 submissions both from universities and industry. The program committee selected 15 research papers for presentation at the workshop. The technical contributions presented at the SDM workshop are collected in this volume, which, we hope, will serve as a valuable research and reference book in your professional life.

Table of contents

Frontmatter

Encrypted Data Access

Secure and Privacy Preserving Outsourcing of Tree Structured Data
Abstract
With the increasing use of web services, many new challenges concerning data security are becoming critical. Data or applications can now be outsourced to powerful remote servers, which are able to provide services on behalf of the owners. Unfortunately, such hosts may not always be trustworthy. In [1,2], we presented a one-server computationally private tree traversal technique, which allows clients to outsource tree-structured data. In this paper, we extend this protocol to prevent a polynomial-time server with large memory from using correlations in client queries and in data structures to learn private information about queries and data. We show that, when the proposed techniques are used, computational privacy is achieved even for non-uniformly distributed node accesses that are common in real databases.
Ping Lin, K. Selçuk Candan
Using Secret Sharing for Searching in Encrypted Data
Abstract
When outsourcing data to an untrusted database server, the data should be encrypted. When using thin clients or low-bandwidth networks, it is best to perform most of the work at the server. In this paper we present a method, inspired by secure multi-party computation, to search efficiently in encrypted data. XML elements are translated to polynomials. A polynomial is split into two parts: a random polynomial for the client and the difference between the original polynomial and the client polynomial for the server. Since the client polynomials are generated by a random sequence generator, only the seed has to be stored on the client. In a combined effort of both the server and the client, a query can be evaluated without traversing the whole tree and without the server learning anything about the data or the query.
Richard Brinkman, Jeroen Doumen, Willem Jonker
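The splitting described in the abstract above, worked through as an added illustration that is not code from the paper or from this page: each element's text is encoded as a polynomial over a prime field, the client's share is a random polynomial regenerated on demand from a seed, and the server stores only the difference, which is a uniformly random polynomial and so reveals nothing about the element. Equality search then works by having both parties evaluate their shares at a point the client picks; the client adds the two values and compares with its query polynomial. The modulus P, the fixed length N, HMAC-SHA256 as the seed-expanding PRF, the constructed seed and sample elements, and the linear scan over all elements are all assumptions of this example; the paper's technique for answering a query without traversing the whole tree is not reproduced here.

```python
import hmac
import hashlib

# Prime field modulus (2**61 - 1, a Mersenne prime). All coefficient arithmetic
# is done mod P, so a share f(x) - r(x) with uniformly random r is itself uniform.
P = (1 << 61) - 1
# Fixed polynomial length (degree + 1); element text is zero-padded to this.
# Both values are assumptions of this example, not parameters from the paper.
N = 32


def encode(text: str) -> list[int]:
    """Encode an element's text as a polynomial: one coefficient per UTF-8 byte, zero-padded."""
    data = text.encode("utf-8")
    if len(data) > N:
        raise ValueError("element too long for the fixed-length encoding")
    return list(data) + [0] * (N - len(data))


def prf(seed: bytes, element_id: int, index: int) -> int:
    """Derive one coefficient from the client's seed (HMAC-SHA256 used as a PRF)."""
    msg = element_id.to_bytes(8, "big") + index.to_bytes(4, "big")
    return int.from_bytes(hmac.new(seed, msg, hashlib.sha256).digest(), "big") % P


def client_share(seed: bytes, element_id: int) -> list[int]:
    """Client's random polynomial r(x); recomputed from the seed, never stored."""
    return [prf(seed, element_id, i) for i in range(N)]


def server_share(f: list[int], r: list[int]) -> list[int]:
    """Server's polynomial s(x) = f(x) - r(x) mod P (a one-time pad over the field)."""
    return [(fi - ri) % P for fi, ri in zip(f, r)]


def evaluate(coeffs: list[int], x: int) -> int:
    """Horner evaluation of a polynomial at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def outsource(seed: bytes, elements: list[str]) -> list[list[int]]:
    """Split every element and return the list of shares the server stores."""
    return [server_share(encode(t), client_share(seed, i)) for i, t in enumerate(elements)]


def search(seed: bytes, server_db: list[list[int]], query: str, x: int) -> list[int]:
    """Return the ids of elements equal to `query`, using a single evaluation point x.

    Server side: evaluate every stored share at x and return the values.
    Client side: evaluate its own shares at x (from the seed) and test whether
    r_i(x) + s_i(x) equals q(x). Because evaluation is linear, the sum is f_i(x);
    for f_i != q the two agree at a random x with probability at most (N-1)/P.
    The server sees only x and its uniformly random shares, never the data or query.
    """
    server_evals = [evaluate(s, x) for s in server_db]  # computed by the server
    target = evaluate(encode(query), x)                   # computed by the client
    hits = []
    for i, sv in enumerate(server_evals):
        cv = evaluate(client_share(seed, i), x)          # client's own share at x
        if (cv + sv) % P == target:
            hits.append(i)
    return hits


if __name__ == "__main__":
    # Constructed sample data; in a deployment the seed comes from a CSPRNG and x is fresh per query.
    seed = b"constructed-demo-seed"
    db = outsource(seed, ["alice", "bob", "alice", "carol"])
    print(search(seed, db, "alice", 12345))  # ids of the elements equal to "alice"
```

In a real deployment the evaluation point x must be chosen freshly and uniformly at random for every query, otherwise a server that sees repeated queries can correlate them, which is exactly the kind of leakage the abstract is concerned with.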
A Structure Preserving Database Encryption Scheme
Abstract
A new simple and efficient database encryption scheme is presented. The new scheme enables encrypting the entire content of the database without changing its structure. In addition, the scheme suggests how to convert the conventional database index to a secure index on the encrypted database so that the time complexity of all queries is maintained. No one with access to the encrypted database can learn anything about its content without having the encryption key.
Yuval Elovici, Ronen Waisenberg, Erez Shmueli, Ehud Gudes
Modeling Integrity in Data Exchange
Abstract
We provide a formal model of security guarantees offered by digital signature schemes when they are applied to structured data. This model is an important step towards managing the integrity of data that is shared, integrated, transformed, and exchanged on the World Wide Web. We express signature semantics using well-known database constraints, which can help authors decide what to sign, help recipients evaluate the integrity of signed data, and clarify the capabilities of different signature technologies.
Gerome Miklau, Dan Suciu

Privacy Preserving Data Management

Experimental Analysis of Privacy-Preserving Statistics Computation
Abstract
The recent investigation of privacy-preserving data mining and other kinds of privacy-preserving distributed computation has been motivated by the growing concern about the privacy of individuals when their data is stored, aggregated, and mined for information. Building on the study of selective private function evaluation and the efforts towards practical algorithms for privacy-preserving data mining solutions, we analyze and implement solutions to an important primitive, that of computing statistics of selected data in a remote database in a privacy-preserving manner. We examine solutions in different scenarios ranging from a high speed communications medium, such as a LAN or high-speed Internet connection, to a decelerated communications medium to account for worst-case communication delays such as might be provided in a wireless multihop setting.
Our experimental results show that in the absence of special-purpose hardware accelerators or practical optimizations, the computational complexity is the performance bottleneck of these solutions rather than the communication complexity. We also evaluate several practical optimizations to amortize the computation time and to improve the practical efficiency.
Hiranmayee Subramaniam, Rebecca N. Wright, Zhiqiang Yang
Achieving Privacy Preservation when Sharing Data for Clustering
Abstract
In this paper, we address the problem of protecting the underlying attribute values when sharing data for clustering. The challenge is how to meet privacy requirements and guarantee valid clustering results as well. To achieve this dual goal, we propose a novel spatial data transformation method called Rotation-Based Transformation (RBT). The major features of our data transformation are: a) it is independent of any clustering algorithm; b) it has a sound mathematical foundation; c) it is efficient and accurate; and d) it does not rely on intractability hypotheses from algebra and does not require CPU-intensive operations. We show analytically that although the data are transformed to achieve privacy, we can also get accurate clustering results by the safeguard of the global distances between data points.
Stanley R. M. Oliveira, Osmar R. Zaïane
Privacy-Preserving Digital Rights Management
Abstract
DRM systems provide a means for protecting digital content, but at the same time they violate the privacy of users in a number of ways. This paper addresses privacy issues in DRM systems. The main challenge is how to allow a user to interact with the system in an anonymous/pseudonymous way, while preserving all security requirements of usual DRM systems. To achieve this goal, the paper proposes a set of protocols and methods for managing user identities and interactions with the system during the process of acquiring and consuming digital content. Furthermore, a method that supports anonymous transfer of licenses is discussed. It allows a user to transfer a piece of content to another user without the content provider being able to link the two users. Finally, the paper demonstrates how to extend the rights of a given user to a group of users in a privacy preserving way. The extension hides the group structure from the content provider and at the same time provides privacy among the members of the group.
Claudine Conrado, Milan Petković, Willem Jonker
Management of Private Data: Addressing User Privacy and Economic, Social, and Ethical Concerns
Abstract
Coordinated Web services can help alleviate users' privacy and economic, social, and ethical concerns that arise from third parties' access and use of user private data. This paper focuses on the requirements and design of such services in support of a client-side private data management system. Appropriate management of private data on the client side can both educate and assure users that their privacy is well guarded, and that their private data is being used by entities which satisfy economic and/or ethical user concerns. Our solutions describe novel Web services, interaction with P3P agents, and a client-side privacy architecture. A preliminary prototype implementation of our Web services using standard UDDI, SOAP, and WSDL technologies and rudimentary delay estimates are briefly discussed.
Dawn Jutla, Peter Bodorik, Deyun Gao

Access Control

PeerTrust: Automated Trust Negotiation for Peers on the Semantic Web
Abstract
Researchers have recently begun to develop and investigate policy languages to describe trust and security requirements on the Semantic Web. Such policies will be one component of a run-time system that can negotiate to establish trust on the Semantic Web. In this paper, we show how to express different kinds of access control policies and control their use at run time using PeerTrust, a new approach to trust establishment. We show how to use distributed logic programs as the basis for PeerTrust’s simple yet expressive policy and trust negotiation language, built upon the rule layer of the Semantic Web layer cake. We describe the PeerTrust language based upon distributed logic programs, and compare it to other approaches to implementing policies and trust negotiation. Through examples, we show how PeerTrust can be used to support delegation, policy protection and negotiation strategies in the ELENA distributed eLearning environment. Finally, we discuss related work and identify areas for further research.
Wolfgang Nejdl, Daniel Olmedilla, Marianne Winslett
A Flexible Framework for Architecting XML Access Control Enforcement Mechanisms
Abstract
Due to the growing interest in XML security, various access control schemes have been proposed recently. However, little effort has been put forth to facilitate a uniform analysis and comparison of these schemes under the same framework. This paper presents a first attempt toward a flexible framework that can capture the design principles and operations of existing XML access control mechanisms. Under this framework, we observe that most existing XML access control mechanisms share the same design principle with slightly different orderings of underlying building blocks (i.e., data, query, and access control rule). Furthermore, according to the framework, we identify four plausible approaches to implement XML access controls, namely built-in, view-based, pre-processing and post-processing. Finally, we compare the actual performance of different approaches.
Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu
Abstracting and Refining Authorization in SQL
Abstract
The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind SQL authorization. We then discuss two extensions, for explicit metadata privileges and general privilege inference on derived objects. Although these are quite simple and easily implemented, we show how together, they help solve several administrative problems with existing SQL security. This sort of abstraction is also an important step towards having DBMSs that simultaneously support security policies over SQL, XML, RDF, and other forms of data.
Arnon Rosenthal, Edward Sciore
A Classifier-Based Approach to User-Role Assignment for Web Applications
Abstract
Role-based access control (RBAC) can be used to design a security system for on-line applications. The Role Graph Model is the only RBAC system which has the notion of a group graph. We show how using the group graph to assign users to groups rather than directly to roles helps with this security design. We also show how a machine-learning based classifier can be used to do user-group assignment.
Shengli Sheng, Sylvia L. Osborn
LTAM: A Location-Temporal Authorization Model
Abstract
This paper describes an authorization model for specifying access privileges of users who make requests to access a set of locations in a building or more generally a physical or virtual infrastructure. In the model, primitive locations can be grouped into composite locations and the connectivities among locations are represented in a multilevel location graph. Authorizations are defined with temporal constraints on the time to enter and leave a location and constraints on the number of times users can access a location. Access control enforcement is conducted by monitoring user movement and checking access requests against an authorization database. The authorization model also includes rules that define the relationships among authorizations. We also describe the problem of finding inaccessible locations given a set of user specified authorizations and a multilevel location graph, and outline a solution algorithm.
Hai Yu, Ee-Peng Lim

Database Security

Identifying Sensitive Associations in Databases for Release Control
Abstract
In a database system, authorization-based access control is generally the first line of defense, preventing unauthorized accesses to secret or sensitive data. However, this mechanism is susceptible to security breaches due to improper authorization (e.g., the general public is mistakenly granted access to a copy of sensitive data) and cannot block insider attacks (an authorized user accidentally or intentionally discloses secrets to outsiders). Supplementary to access control, the release-control mechanism is to check all the outgoing documents for any leak of secret or sensitive information. This paper reports preliminary results on a specific release-control task, namely, how to deal with sensitive associations that need to be restricted from being released. A sensitive association refers to a pair of values whose connection involves some secrets. The disclosure of such a pair may reveal the secret connection and therefore should be controlled. The release control of sensitive associations is a very challenging and long-term research problem. This paper introduces techniques to identify and represent sensitive associations hidden in a database.
Claudio Bettini, Xiaoyang Sean Wang, Sushil Jajodia
Using Delay to Defend Against Database Extraction
Abstract
For many data providers, the “crown jewels” of their business are the data that they have organized. If someone could copy their entire database, it would be a competitive catastrophe. Yet, a data provider is in the business of providing data, so access to the database cannot be restricted entirely. How is the data provider to permit legitimate access to users who request access to small portions of the database while protecting the database from wholesale copying?
We suggest that delay can be used for this purpose. We show, under reasonable assumptions, that it is possible to slow down the copying of the entire dataset by an arbitrary amount ensuring that queries that return a significant portion of the database introduce a delay that is orders of magnitude higher than that for legitimate user queries. We then consider issues of change, and show, under reasonable assumptions of rates of change, how to limit access so that the voyeur is guaranteed never to have a complete up-to-date dataset. We also present several extensions of these two major results.
We have implemented our technique on a commercial relational database, and we present numbers showing that the analytically expected delays are indeed observed experimentally, and also that the overheads of implementing our scheme are small.
Magesh Jayapandian, Brian Noble, James Mickens, H. V. Jagadish
Backmatter
Metadata
Title
Secure Data Management
Edited by
Willem Jonker
Milan Petković
Copyright year
2004
Publisher
Springer Berlin Heidelberg
Electronic ISBN
978-3-540-30073-1
Print ISBN
978-3-540-22983-4
DOI
https://doi.org/10.1007/b99822