Skip to main content
SpringerLink
Log in
Book cover

Secure Data Management in Decentralized Systems pp 355–380Cite as

Preserving Privacy in On-line Analytical Processing Data Cubes

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 33))

Abstract

Privacy in electronic society is drawing more and more attention nowadays. Privacy concerns cause consumers to routinely abandon their shopping carts when too much personal information is being demanded. The estimated loss of internet sales due to such privacy concerns is as much as $18 billion according to analysts [17]. Ongoing efforts such as the platform for privacy preferences (P3P) [9],[43] help enterprises make promises about keeping private data secret, but they do not provide mechanisms for them to keep the promises [11]. Unfortunately, keeping one’s promises is usually easier said then done. Privacy breaches may occur in various ways after personal data have been collected and stored in the enterprise’s data warehouses.

This material is based upon work supported by the National Science Foundation under grants IIS-0242237 and IIS-0430402. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   89.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adam, N.R. and Wortmann, J.C. (1989). Security-control methods for statistical databases: a comparative study. ACM Computing Surveys, 21(4):515–556.

    Article  Google Scholar 

  2. Agrawal, R. and Srikant, R. (2000). Privacy-preserving data mining. In Proceedings of the Nineteenth ACM SIGMOD Conference on Management of Data (SIGMOD’00), pages 439–450.

    Google Scholar 

  3. Agrawal, R., Srikant, R., and Thomas, D. (2005). Privacy-preserving olap. In Proceedings of the Twenty-fourth ACM SIGMOD Conference on Management of Data (SfGMOD’05), pages 251–262.

    Google Scholar 

  4. Beck, L.L. (1980). A security mechanism for statistical databases. ACM Trans. on Database Systems, 5(3):316–338.

    Article  MATH  MathSciNet  Google Scholar 

  5. Bhargava, B. (2000). Security in data warehousing (invited talk). In Proceedings of the 3rd Data Warehousing and Knowledge Discovery (DaWak’00).

    Google Scholar 

  6. Chin, F.Y. (1986). Security problems on inference control for sum, max, and min queries. Journal of the Association for Computing Machinery, 33(3):451–464.

    MathSciNet  Google Scholar 

  7. Chin, F.Y. and Özsoyoglu, G. (1981). Statistical database design. ACM Trans. on Database Systems, 6(1): 113–139.

    Article  Google Scholar 

  8. Chin, F.Y. and Özsoyoglu, G. (1982). Auditing and inference control in statistical databases. IEEE Trans. on Software Engineering, 8(6):574–582.

    Google Scholar 

  9. Consorortium, WWW. Platform for privacy preferences (p3p) project. http://www.w3.org/P3P/.

    Google Scholar 

  10. Cox, L.H. (2003). On properties of multi-dimensional statistical tables. Journal of Statistical Planning and Inference, 117(2):251–273.

    Article  MATH  MathSciNet  Google Scholar 

  11. Coyle, K. (1999). P3p: Pretty poor privacy? a social analysis of the platform for privacy preferences (p3p). http: //www.kcoyle.net/p3p.html. June.

    Google Scholar 

  12. Denning, D.E. (1982). Cryptography and data security. Addison-Wesley, Reading, Massachusetts.

    MATH  Google Scholar 

  13. Denning, D.E. and Schlörer, J. (1983). Inference controls for statistical databases. IEEE Computer, 16(7):69–82.

    Google Scholar 

  14. Dobkin, D., Jones, A.K., and Lipton, R.J. (1979). Secure databases: protection against user influence. ACM Trans. on Database Systems, 4(1):97–106.

    Article  Google Scholar 

  15. Du, W. and Zhan, Z. (2002). Building decision tree classifier on private data. In Proceedings of the 2002 IEEE International Conference on Data Mining (ICDM’02).

    Google Scholar 

  16. Fellegi, L.P. and Sunter, A.B. (1969). A theory for record linkage. Journal of American Statistic Association, 64(328):1183–1210.

    Article  Google Scholar 

  17. Gellman, R. (2002). How the lack of privacy costs consumers and why business studies of privacy costs are biased and incomplete. http://www.epic.org/reports/dmfprivacy.html.

    Google Scholar 

  18. Gray, J., Bosworth, A., Bosworth, A., Layman, A., Reichart, D., Venkatrao, M., Pellow, F., and Pirahesh, H. (1997). Data cube: A relational aggregation operator generalizing group-by, cross-tab, and sub-totals. Data Mining and Knowledge Discovery, 1(1):29–53.

    Article  Google Scholar 

  19. Griffiths, P. and Wade, B.W. (1976). An authorization mechanism for a relational database system. ACM Transactions on Database Systems, 1(3):242–255.

    Article  Google Scholar 

  20. Harinarayan, V, Rajaraman, A., and Ullman, J.D. (1996). Implementing data cubes efficiently. In Proceedings of the Fifteenth ACM SIGMOD international conference on Management of data (SIGMOD’96), pages 205–227.

    Google Scholar 

  21. Hoffman, K. (1961). Linear Algebra. Prentice-Hall, Englewood Cliffs, New Jersey.

    Google Scholar 

  22. Jajodia, S., Samarati, P., Sapino, M.L., and Subrahmanian, V.S. (2001). Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(4): 1–57.

    Google Scholar 

  23. Kleinberg, J., Papadimitriou, C, and Raghavan, P. (2000). Auditing boolean attributes. In Proceedings of the Ninth ACM SIGMOD-SIG ACT-SIGART Symposium on Principles of Database System, pages 86–91.

    Google Scholar 

  24. Li, Y., Wang, L., Wang, X.S., and Jajodia, S. (2002). Auditing interval-based inference. In Proceedings of the Fourteenth Conference on Advanced Information Systems Engineering (CAiSE’02), pages 553–568.

    Google Scholar 

  25. Malvestuto, F.M. and Mezzini, M. (2003). Auditing sum queries. In Proceedings of the Ninth International Conference on Database Theory (ICDT’03), pages 126–146.

    Google Scholar 

  26. Mateo-Sanz, J.M. and Domingo-Ferrer, J. (1998). A method for data-oriented multivariate microaggregation. In Proceedings of the Conference on Statistical Data Protection’ 98, pages 89–99.

    Google Scholar 

  27. Miklau, G. and Suciu, D. (2004). A formal analysis of information disclosure in data exchange. In Proceedings of the 23th ACM SIGMOD Conference on Management of Data (SIGMOD’ 04).

    Google Scholar 

  28. Newcombe, H.B., Kennedy, J.M., Axford, S.J., and James, A.P. (1959). Automatic linkage of vital records. Science, 130(3381):954–959.

    Article  Google Scholar 

  29. Samarati, P. (2001). Protecting respondents’ identities in microdata release. IEEE Trans-actions on Knowledge and Data Engineering, 13(6):1010–1027.

    Article  Google Scholar 

  30. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., and Youman, C.E. (1996). Role-based access control models. IEEE Computer, 29(2):38–47.

    Google Scholar 

  31. Schlörer, J. (1981). Security of statistical databases: multidimensional transformation. ACM Trans. on Database Systems, 6(1):95–112.

    Article  MATH  Google Scholar 

  32. Shoshani, A. (1997). OLAP and statistical databases: Similarities and differences. In Proceedings of the Sixteenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS’97), pages 185–196.

    Google Scholar 

  33. T. Priebe, G. Pernul (2000). Towards olap security design-survey and research issues. In Proceedings of 3rd ACM International Workshop on Data Warehousing and OLAP (DOLAP’00), pages 114–121.

    Google Scholar 

  34. Traub, J.F., Yemini, Y., and Woźniakowski, H. (1984). The statistical security of a statistical database. ACM Trans. on Database Systems, 9(4):672–679.

    Article  Google Scholar 

  35. Vaidya, J. and Clifton, C. (2002). Privacy preserving association rule mining in vertically partitioned data. In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining (KDD’02), pages 639–644.

    Google Scholar 

  36. Wang, L., Jajodia, S., and Wijesekera, D. (2004a). Securing OLAP data cubes against privacy breaches. In Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P’04), pages 161–175.

    Google Scholar 

  37. Wang, L., Li, Y.J., Wijesekera, D., and Jajodia, S. (2003a). Precisely answering multidimensional range queries without privacy breaches. Technical Report ISE-TR-03-03. Available at http://ise.gmu.edu/techrep/.

    Google Scholar 

  38. Wang, L., Li, Y.J., Wijesekera, D., and Jajodia, S. (2003b). Precisely answering multidimensional range queries without privacy breaches. In Proceedings of the Eighth European Symposium on Research in Computer Security (ESORICS’03), pages 100–115.

    Google Scholar 

  39. Wang, L., Wijesekera, D., and Jajodia, S. (2004b). Cardinality-based inference control in data cubes. Journal of Computer Security, 12(5):655–692.

    Google Scholar 

  40. Willenborg, L. and Walal, T. de (1996). Statistical disclosure control in practice. Springer Verlag, New York.

    MATH  Google Scholar 

  41. Yao, C, Wang, X., and Jajodia, S. (2005). Checking for k-anonymity violation by views. In Proceedings of the Thirty-first Conference on Very Large Data Base (VLDB’05).

    Google Scholar 

  42. Yu, C.T. and Chin, F.Y. (1977). A study on the protection of statistical data bases. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD’77), pages 169–181.

    Google Scholar 

  43. Yu, T., Li, N., and Antoń, A. (2004). A formal semantics for P3P. In Proceedings of the ACM Workshop on Secure Web Services (SWS’04).

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4444, USA

    Lingyu Wang, Sushil Jajodia & Duminda Wijesekera

Authors
  1. Lingyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Duminda Wijesekera
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. Computer Science, North Carolina State University, 3254 EB II, Raleigh, NC, 27695

    Ting Yu

  2. Center for Secure Information Systems, George Mason University, 4400 University Drive, Fairfax, VA, 22030-4444

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Wang, L., Jajodia, S., Wijesekera, D. (2007). Preserving Privacy in On-line Analytical Processing Data Cubes. In: Yu, T., Jajodia, S. (eds) Secure Data Management in Decentralized Systems. Advances in Information Security, vol 33. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-27696-0_11

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-27696-0_11

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-27694-6

  • Online ISBN: 978-0-387-27696-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation