Skip to main content

Auditing and Inference Control for Privacy Preservation in Uncertain Environments

  • Conference paper
Smart Sensing and Context (EuroSSC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4272))

Included in the following conference series:

Abstract

In ubiquitous environments, context-aware agents have been developed to obtain, understand and share local contexts with each other so that the environments could be integrated seamlessly. Context sharing among agents should be made privacy-conscious. Privacy preferences are generally specified to regulate the exchange of the contexts, where who have rights to have what contexts are designated. However, the released contexts could be used to derive those unreleased. To date, there have been very few inference control mechanisms specifically tailored to context management in ubiquitous environments, especially when the environments are uncertain. In this paper, we present a Bayesian network-based inference control method to prevent privacy-sensitive contexts from being derived from those released in ubiquitous environments. We use Bayesian networks because the contexts of a user are generally uncertain, especially from somebody else’s point of view.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Chen, H., Finin, T., Joshi, A.: An ontology for context-aware pervasive computing environments. Knowledge Engineering Review, Special Issue on Ontologies for Distributed Systems 18(3), 197–207 (2004)

    Google Scholar 

  2. Khedr, M., Karmouch, A.: Negotiating context information in context-aware systems. IEEE Intelligent Systems 19(6), 21–29 (2004)

    Article  Google Scholar 

  3. Khedr, M., Karmouch, A.: ACAI: Agent-based context-aware infrastructure for spontaneous applications. Journal of Network and Computer Applications 28(1), 19–44 (2005)

    Article  Google Scholar 

  4. Davies, N., Gellersen, H.W.: Beyond prototypes: Challenges in deploying ubiquitous systems. IEEE Pervasive Computing 1(1), 26–35 (2002)

    Article  Google Scholar 

  5. Dey, A.: Understanding and using context. Personal and Ubiquitous Computing 5(1), 4–7 (2001)

    Article  Google Scholar 

  6. Warren, S., Brandeis, L.: The right to privacy. Harvard Law Review 4, 193–220 (1890)

    Article  Google Scholar 

  7. An, X., Jutla, D.: A survey of privacy technologies. Technical report, Faculty of Computer Science, Dalhousie University, Halifax, NS, Canada (2005)

    Google Scholar 

  8. Cranor, L., Langheinrich, M., Marchiori, M., Presler-Marshall, M., Reagle, J.: The platform for privacy preferences 1.0 (P3P 1.0) specification. Technical report, W3C Recommendation (2002), http://www.w3.org/TR/P3P

  9. Cranor, L., Langheinrich, M., Marchiori, M.: A P3P preference exchange language 1.0 (APPEL 1.0). Technical report, W3C Working Draft (2002), http://www.w3.org/TR/P3P-preference

  10. Clark, J., DeRose, S.: XML Path language (XPath) Version 1.0. Technical report, W3C Recommendation (1999), http://www.w3.org/TR/xpath

  11. Agrawal, R., Kieman, J., Srikant, R., Xu, Y.: An XPath-based preference language for P3P. In: Proceedings of the 12th International WWW Conference (WWW 2003), Budapest, Hungary (May 2003)

    Google Scholar 

  12. McBride, B., Wenning, R., Cranor, L.: A RDF schema for P3P. Technical report, W3C Note (2002), http://www.w3.org/TR/p3p-rdfschema

  13. Hogben, G.: P3P using the semantic web (OWL ontology, RDF policy and RDQL rules). Technical report, W3C Working Group Note (2004), http://www.w3.org/P3P/2004/040920_p3p-sw.html

  14. Hogben, G.: Describing the P3P base data schema using OWL. In: Kagal, L., Finin, T., Hendler, J. (eds.) Policy Management for the Web (PM4W): Proceedings of the 14th World Wide Web Conference (WWW’05) Workshop, Chiba, Japan, pp. 44–51 (2005)

    Google Scholar 

  15. Gandon, F.L., Sadeh, N.M.: Semantic web technologies to reconcile privacy and context awareness. Journal of Web Semantics 1(3) (2005)

    Google Scholar 

  16. Kagal, L., Finin, T., Joshi, A.: A policy language for pervasive systems. In: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), Lake Como (2003)

    Google Scholar 

  17. Kagal, L., Finin, T., Joshi, A.: Declarative policies for describing web services capabilities and constraints. In: Proceedings of the W3C Workshop on Constraints and Capabilities for Web Services, Redwood Shores, CA, USA (2004)

    Google Scholar 

  18. Kolari, P., Ding, L., Ganjugunte, S., Kagal, L., Joshi, A., Finin, T.: Enhancing web privacy protection through declarative policies. In: Sahai, A., Winsborough, W.H. (eds.) Proceedings of the 6th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY 2005), Stockholm, Sweden, pp. 57–66. IEEE Computer Society, Los Alamitos (2005)

    Chapter  Google Scholar 

  19. Fellegi, I.: On the question of statistical confidentiality. Journal of American Statistical Association 67(337), 7–18 (1972)

    Article  MATH  Google Scholar 

  20. Denning, D.: Secure statistical databases with random sample queries. ACM Transactions on Database Systems 5(3), 291–315 (1980)

    Article  MATH  Google Scholar 

  21. Staddon, J.: Dynamic inference control. In: Zaki, M.J., Aggarwal, C.C. (eds.) Proceedings of the 8th ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery (DMKD 2003), pp. 94–100. ACM Press, New York (2003)

    Chapter  Google Scholar 

  22. Shoshani, A.: Statistical databases: Characteristics, problems and some solutions. In: Proceedings of the 8th International Conference on Very Large Databases (VLDB 1982), Mexico City, Mexico, pp. 208–213 (1982)

    Google Scholar 

  23. Dey, A., Mankoff, J., Abowd, G., Carter, S.: Distributed mediation of ambiguous context in aware environments. In: Beaudouin-Lafon, M. (ed.) Proceedings of the 15th Annual ACM Symposium on User Interface Software and Technology (UIST 2002), Paris, France, pp. 121–130. ACM Press, New York (2002)

    Chapter  Google Scholar 

  24. Pearl, J.: Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann Publishers, San Francisco (1988)

    Google Scholar 

  25. Wong, W.-K., Cooper, G., Wagner, M.: Bayesian network anomaly pattern detection for disease outbreaks. In: Proceedings of the 20th International Conference on Machine Learning (ICML-2003), Washington DC, USA (2003)

    Google Scholar 

  26. Johansen, K., Lee, S.: Network security: Bayesian network intrusion detection. Technical report, Department of Computer Science, Johns Hopkins University, Baltimore, MD, USA (2003)

    Google Scholar 

  27. Kruegel, C., Mutz, D., Robertson, W., Valeur, F.: Bayesian event classification for intrusion detection. In: Proceedings of the 19th Annual Computer Security Applications Conference, LasVegas, Nevada, USA (2003)

    Google Scholar 

  28. Reiter, R.: A logic for default reasoning. Artificial Intelligence 13, 81–132 (1980)

    Article  MATH  MathSciNet  Google Scholar 

  29. Nute, D.: Defeasible reasoning. In: Proceedings of the 20th Hawaii International Conference on System Science, Kailua-Kona, HI, USA, pp. 470–477. IEEE Press, Los Alamitos (1987)

    Google Scholar 

  30. Zadeh, L.: Fuzzy sets. Information and Control 8, 338–353 (1965)

    Article  MATH  MathSciNet  Google Scholar 

  31. McCarthy, J.: Circumscription | a form of non-monotonic reasoning. Artificial Intelligence 13, 27–39 (1980)

    Article  MATH  MathSciNet  Google Scholar 

  32. Moore, R.C.: Semantical considerations on non-monotonic logic. Artificial Intelligence 28, 75–94 (1985)

    Article  Google Scholar 

  33. Dempster, A.P.: Upper and lower probabilities induced by a multivalued mapping. Annual Mathematical Statistics 38, 325–339 (1967)

    Article  MATH  MathSciNet  Google Scholar 

  34. Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, Princeton (1976)

    MATH  Google Scholar 

  35. Dubois, D., Lang, J., Prade, H.: Automated reasoning using possibilistic logic: semantics, belief revision, and variable certainty weights. IEEE Transactions on Knowledge and Data Engineering 6(1), 64–71 (1994)

    Article  Google Scholar 

  36. Neapolitan, R.E.: Probabilistic Reasoning in Expert Systems: Theory and Algorithms. John Wiley & Sons, Inc., New York (1990)

    Google Scholar 

  37. Jajodia, S., Sandhu, R.: Polyinstantiation integrity in multilevel relations. In: Proceedings of the 1990 IEEE Symposium on Security and Privacy, pp. 104–115. IEEE Computer Society, Los Alamitos (1990)

    Chapter  Google Scholar 

  38. Cuppens, F., Gabillon, A.: Logical foundations of multilevel databases. Data & Knowledge Engineering 29(3), 199–222 (1999)

    Article  Google Scholar 

  39. Denning, D.E., Schlörer, J.: Inference control for statistical databases. IEEE Computer 16(7), 69–82 (1983)

    Google Scholar 

  40. Yip, R.W., Levitt, K.N.: Data level inference detection in database systems. In: Proceedings of the 11th IEEE Computer Security Foundations, Rockport, MA, pp. 179–189 (1998)

    Google Scholar 

  41. Denning, D.E., Denning, P.J., Schwartz, M.D.: The tracker: a threat to statistical database security. ACM Transactions on Database Systems 4(1), 76–96 (1979)

    Article  Google Scholar 

  42. Dobkin, D., Jones, A., Lipton, R.: Secure databases: Protection against user influence. ACM Transactions on Database Systems 4(1), 97–106 (1979)

    Article  Google Scholar 

  43. Cox, L.H.: Suppression methodology and statistical disclosure control. Journal of the American Statistical Association 75(370), 377–385 (1980)

    Article  MATH  Google Scholar 

  44. Chin, F.Y., Özsoyoglu, G.: Auditing and inference control in statistical databases. IEEE Transactions on Software Engineering 8(6), 574–582 (1982)

    Article  Google Scholar 

  45. Kleinberg, J., Papadimitriou, C., Raghavan, P.: Auditing boolean attributes. In: Proceedings of the 19th ACM SIGMOD-SIGART Symposium on Principles of Database Systems (PODS 2000), Dallas, TX, pp. 86–91. ACM Press, New York (2000)

    Chapter  Google Scholar 

  46. Traub, J.F., Yemini, Y., Woznaikowski, H.: The statistical security of a statistical database. ACM Transactions on Database Systems 9(4), 672–679 (1984)

    Article  Google Scholar 

  47. Beck, L.L.: A security mechanism for statistical databases. ACM Transactions on Database Systems 5(3), 316–338 (1980)

    Article  MATH  Google Scholar 

  48. Reiss, S.P.: Practical data-swapping: The first steps. ACM Transactions on Database Systems 9(1), 20–37 (1984)

    Article  MATH  Google Scholar 

  49. Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data & Knowledge Engineering 38, 199–222 (2001)

    Article  MATH  Google Scholar 

  50. Sicherman, G.L., de Jonge, W., van de Riet, R.P.: Answering queries without revealing secrets. ACM Transactions on Database Systems 8(1), 41–59 (1983)

    Article  MATH  Google Scholar 

  51. Stickel, M.E.: Elimination of inference channels by optimal upgrading. In: Proceedings of the 1994 IEEE Symposium on Security and Privacy, Oakland, CA, pp. 168–174. IEEE Computer Society, Los Alamitos (1994)

    Google Scholar 

  52. Biskup, J.: For unknown secrecies refusal is better than lying. Data & Knowledge Engineering 33, 1–24 (2000)

    Article  MATH  Google Scholar 

  53. Biskup, J., Bonatti, P.: Controlled query evaluation for known policies by combing lying and refusal. Annals of Mathematics and Artificial Intelligence 40(1-2), 37–62 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  54. Jensen, F.V.: An introduction to Bayesian networks. UCL Press, London, UK (1996)

    Google Scholar 

  55. Castillo, E., Gutierrez, J.M., Hadi, A.S.: Expert Systems and Probabilistic Network Models. Springer, Heidelberg (1997)

    Google Scholar 

  56. Heckerman, D.: A tutorial on learning with Bayesian networks. Technical report, Microsoft Research, MSR-TR-95-06 (1995)

    Google Scholar 

  57. Tong, S., Koller, D.: Active learning for parameter estimation in Bayesian networks. In: Leen, T.K., Dietterich, T.G., Tresp, V. (eds.) Advances in Neural Information Processing Systems 13 (NIPS 2000). MIT Press, Cambridge (2000)

    Google Scholar 

  58. Cheng, J., Greiner, R.: Learning Bayesian belief network classifiers: algorithms and systems. In: Proceedings of the 14th Canadian Conference on Artificial Intelligence, pp. 141–151. Springer, Heidelberg (2001)

    Google Scholar 

  59. Neapolitan, R.E.: Learning Bayesian Networks. Prentice-Hall, Englewood Cliffs (2003)

    Google Scholar 

  60. Meng, D., Sivakumar, K., Kargupta, H.: Privacy sensitive Bayesian network parameter learning. In: Proceedings of the 4th IEEE International Conference on Data Mining (ICDM 2004), Brighton, UK, pp. 427–430. IEEE Computer Society Press, Los Alamitos (2004)

    Google Scholar 

  61. D’Ambrosio, B.: Inference in Bayesian networks. AI Magazine 20(2), 21–36 (1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

An, X., Jutla, D., Cercone, N. (2006). Auditing and Inference Control for Privacy Preservation in Uncertain Environments. In: Havinga, P., Lijding, M., Meratnia, N., Wegdam, M. (eds) Smart Sensing and Context. EuroSSC 2006. Lecture Notes in Computer Science, vol 4272. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11907503_12

Download citation

  • DOI: https://doi.org/10.1007/11907503_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-47842-3

  • Online ISBN: 978-3-540-47845-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics