Abstract
Legitimately collected and accessed data must also be used appropriately, according to laws, guidelines, policies or the (current) preferences of data subjects. For example, an inconsistency between the purpose for which data was collected and the purpose for which it is used may conflict with privacy principles. In this contribution we motivate adopting the usage control model when joining vertically-separated relational datasets and characterize the resulting requirements as obligations within the Usage Control (UCON) model. Such obligations are defined by the state of the object (i.e., a dataset) in the UCON model with respect to the state of another object/dataset. In the case of the join operation, this dependency on two UCON objects (i.e., two datasets) results in a new type of UCON obligation. We also describe a number of mechanisms to realize the identified concept in database management systems. To this end, we also provide some example methods for determining whether two given datasets can be joined.
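As an added illustration of the join pre-obligation idea (example code, not from the paper), the snippet below models each dataset as a UCON object with a policy-relevant state (its collection purposes and the current consent preference of its data subjects) and evaluates, over the state of both objects, whether a join for a given usage purpose may proceed. The purpose hierarchy and dataset descriptors are constructed for this example.

```python
from dataclasses import dataclass

# Constructed purpose hierarchy: a usage purpose is compatible with a
# collection purpose when it equals it or is one of its specialisations.
PURPOSE_PARENT = {
    "research.statistics": "research",
    "research": "general",
    "marketing.profiling": "marketing",
    "marketing": "general",
    "general": None,
}


def purpose_compatible(collected_for: str, used_for: str) -> bool:
    """True if used_for equals collected_for or is a descendant of it."""
    p = used_for
    while p is not None:
        if p == collected_for:
            return True
        p = PURPOSE_PARENT.get(p)
    return False


@dataclass(frozen=True)
class Dataset:
    """A UCON object: a relational dataset and its policy-relevant state."""
    name: str
    collection_purposes: frozenset
    consent_withdrawn: bool = False   # current preference of the data subjects


def join_pre_obligations(a: Dataset, b: Dataset, usage_purpose: str) -> list:
    """Pre-obligations that must hold before JOIN(a, b) runs for usage_purpose.
    The obligation is evaluated over both objects: the joined result may only
    serve a purpose that each contributing dataset was collected for, and
    neither dataset's subjects may have withdrawn consent. Empty list == OK."""
    unmet = []
    for ds in (a, b):
        if not any(purpose_compatible(cp, usage_purpose) for cp in ds.collection_purposes):
            unmet.append(f"{ds.name}: usage purpose {usage_purpose!r} "
                         f"is incompatible with its collection purposes")
        if ds.consent_withdrawn:
            unmet.append(f"{ds.name}: data subjects have withdrawn consent")
    return unmet


def can_join(a: Dataset, b: Dataset, usage_purpose: str) -> bool:
    """The join is permitted only when every pre-obligation is fulfilled."""
    return not join_pre_obligations(a, b, usage_purpose)
```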
Notes
1. From this point on we shall use the term pre-obligation to refer to this situation, as the term on-going obligation is not very meaningful for a join operation.
© 2018 Springer International Publishing AG, part of Springer Nature
Cite this paper
Bargh, M.S., Vink, M., Choenni, S. (2018). On Using Obligations for Usage Control in Joining of Datasets. In: Mori, P., Furnell, S., Camp, O. (eds) Information Systems Security and Privacy. ICISSP 2017. Communications in Computer and Information Science, vol 867. Springer, Cham. https://doi.org/10.1007/978-3-319-93354-2_9
DOI: https://doi.org/10.1007/978-3-319-93354-2_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93353-5
Online ISBN: 978-3-319-93354-2
eBook Packages: Computer Science (R0)