Abstract
Privacy in electronic society is drawing more and more attention nowadays. Privacy concerns cause consumers to routinely abandon their shopping carts when too much personal information is being demanded. The estimated loss of internet sales due to such privacy concerns is as much as $18 billion according to analysts [17]. Ongoing efforts such as the platform for privacy preferences (P3P) [9],[43] help enterprises make promises about keeping private data secret, but they do not provide mechanisms for them to keep the promises [11]. Unfortunately, keeping one’s promises is usually easier said then done. Privacy breaches may occur in various ways after personal data have been collected and stored in the enterprise’s data warehouses.
This material is based upon work supported by the National Science Foundation under grants IIS-0242237 and IIS-0430402. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Adam, N.R. and Wortmann, J.C. (1989). Security-control methods for statistical databases: a comparative study. ACM Computing Surveys, 21(4):515–556.
Agrawal, R. and Srikant, R. (2000). Privacy-preserving data mining. In Proceedings of the Nineteenth ACM SIGMOD Conference on Management of Data (SIGMOD’00), pages 439–450.
Agrawal, R., Srikant, R., and Thomas, D. (2005). Privacy-preserving olap. In Proceedings of the Twenty-fourth ACM SIGMOD Conference on Management of Data (SfGMOD’05), pages 251–262.
Beck, L.L. (1980). A security mechanism for statistical databases. ACM Trans. on Database Systems, 5(3):316–338.
Bhargava, B. (2000). Security in data warehousing (invited talk). In Proceedings of the 3rd Data Warehousing and Knowledge Discovery (DaWak’00).
Chin, F.Y. (1986). Security problems on inference control for sum, max, and min queries. Journal of the Association for Computing Machinery, 33(3):451–464.
Chin, F.Y. and Özsoyoglu, G. (1981). Statistical database design. ACM Trans. on Database Systems, 6(1): 113–139.
Chin, F.Y. and Özsoyoglu, G. (1982). Auditing and inference control in statistical databases. IEEE Trans. on Software Engineering, 8(6):574–582.
Consorortium, WWW. Platform for privacy preferences (p3p) project. http://www.w3.org/P3P/.
Cox, L.H. (2003). On properties of multi-dimensional statistical tables. Journal of Statistical Planning and Inference, 117(2):251–273.
Coyle, K. (1999). P3p: Pretty poor privacy? a social analysis of the platform for privacy preferences (p3p). http: //www.kcoyle.net/p3p.html. June.
Denning, D.E. (1982). Cryptography and data security. Addison-Wesley, Reading, Massachusetts.
Denning, D.E. and Schlörer, J. (1983). Inference controls for statistical databases. IEEE Computer, 16(7):69–82.
Dobkin, D., Jones, A.K., and Lipton, R.J. (1979). Secure databases: protection against user influence. ACM Trans. on Database Systems, 4(1):97–106.
Du, W. and Zhan, Z. (2002). Building decision tree classifier on private data. In Proceedings of the 2002 IEEE International Conference on Data Mining (ICDM’02).
Fellegi, L.P. and Sunter, A.B. (1969). A theory for record linkage. Journal of American Statistic Association, 64(328):1183–1210.
Gellman, R. (2002). How the lack of privacy costs consumers and why business studies of privacy costs are biased and incomplete. http://www.epic.org/reports/dmfprivacy.html.
Gray, J., Bosworth, A., Bosworth, A., Layman, A., Reichart, D., Venkatrao, M., Pellow, F., and Pirahesh, H. (1997). Data cube: A relational aggregation operator generalizing group-by, cross-tab, and sub-totals. Data Mining and Knowledge Discovery, 1(1):29–53.
Griffiths, P. and Wade, B.W. (1976). An authorization mechanism for a relational database system. ACM Transactions on Database Systems, 1(3):242–255.
Harinarayan, V, Rajaraman, A., and Ullman, J.D. (1996). Implementing data cubes efficiently. In Proceedings of the Fifteenth ACM SIGMOD international conference on Management of data (SIGMOD’96), pages 205–227.
Hoffman, K. (1961). Linear Algebra. Prentice-Hall, Englewood Cliffs, New Jersey.
Jajodia, S., Samarati, P., Sapino, M.L., and Subrahmanian, V.S. (2001). Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(4): 1–57.
Kleinberg, J., Papadimitriou, C, and Raghavan, P. (2000). Auditing boolean attributes. In Proceedings of the Ninth ACM SIGMOD-SIG ACT-SIGART Symposium on Principles of Database System, pages 86–91.
Li, Y., Wang, L., Wang, X.S., and Jajodia, S. (2002). Auditing interval-based inference. In Proceedings of the Fourteenth Conference on Advanced Information Systems Engineering (CAiSE’02), pages 553–568.
Malvestuto, F.M. and Mezzini, M. (2003). Auditing sum queries. In Proceedings of the Ninth International Conference on Database Theory (ICDT’03), pages 126–146.
Mateo-Sanz, J.M. and Domingo-Ferrer, J. (1998). A method for data-oriented multivariate microaggregation. In Proceedings of the Conference on Statistical Data Protection’ 98, pages 89–99.
Miklau, G. and Suciu, D. (2004). A formal analysis of information disclosure in data exchange. In Proceedings of the 23th ACM SIGMOD Conference on Management of Data (SIGMOD’ 04).
Newcombe, H.B., Kennedy, J.M., Axford, S.J., and James, A.P. (1959). Automatic linkage of vital records. Science, 130(3381):954–959.
Samarati, P. (2001). Protecting respondents’ identities in microdata release. IEEE Trans-actions on Knowledge and Data Engineering, 13(6):1010–1027.
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., and Youman, C.E. (1996). Role-based access control models. IEEE Computer, 29(2):38–47.
Schlörer, J. (1981). Security of statistical databases: multidimensional transformation. ACM Trans. on Database Systems, 6(1):95–112.
Shoshani, A. (1997). OLAP and statistical databases: Similarities and differences. In Proceedings of the Sixteenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS’97), pages 185–196.
T. Priebe, G. Pernul (2000). Towards olap security design-survey and research issues. In Proceedings of 3rd ACM International Workshop on Data Warehousing and OLAP (DOLAP’00), pages 114–121.
Traub, J.F., Yemini, Y., and Woźniakowski, H. (1984). The statistical security of a statistical database. ACM Trans. on Database Systems, 9(4):672–679.
Vaidya, J. and Clifton, C. (2002). Privacy preserving association rule mining in vertically partitioned data. In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining (KDD’02), pages 639–644.
Wang, L., Jajodia, S., and Wijesekera, D. (2004a). Securing OLAP data cubes against privacy breaches. In Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P’04), pages 161–175.
Wang, L., Li, Y.J., Wijesekera, D., and Jajodia, S. (2003a). Precisely answering multidimensional range queries without privacy breaches. Technical Report ISE-TR-03-03. Available at http://ise.gmu.edu/techrep/.
Wang, L., Li, Y.J., Wijesekera, D., and Jajodia, S. (2003b). Precisely answering multidimensional range queries without privacy breaches. In Proceedings of the Eighth European Symposium on Research in Computer Security (ESORICS’03), pages 100–115.
Wang, L., Wijesekera, D., and Jajodia, S. (2004b). Cardinality-based inference control in data cubes. Journal of Computer Security, 12(5):655–692.
Willenborg, L. and Walal, T. de (1996). Statistical disclosure control in practice. Springer Verlag, New York.
Yao, C, Wang, X., and Jajodia, S. (2005). Checking for k-anonymity violation by views. In Proceedings of the Thirty-first Conference on Very Large Data Base (VLDB’05).
Yu, C.T. and Chin, F.Y. (1977). A study on the protection of statistical data bases. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD’77), pages 169–181.
Yu, T., Li, N., and Antoń, A. (2004). A formal semantics for P3P. In Proceedings of the ACM Workshop on Secure Web Services (SWS’04).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Wang, L., Jajodia, S., Wijesekera, D. (2007). Preserving Privacy in On-line Analytical Processing Data Cubes. In: Yu, T., Jajodia, S. (eds) Secure Data Management in Decentralized Systems. Advances in Information Security, vol 33. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-27696-0_11
Download citation
DOI: https://doi.org/10.1007/978-0-387-27696-0_11
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-27694-6
Online ISBN: 978-0-387-27696-0
eBook Packages: Computer ScienceComputer Science (R0)