
Micro-views, or on how to protect privacy while enhancing data usability: concepts and challenges

Published: 01 March 2006

Abstract

The large availability of repositories storing various types of information about individuals has raised serious privacy concerns over the past decade. Nonetheless, database technology is far from providing adequate solutions to this problem, which requires a delicate balance between an individual's privacy and convenience and data usability by enterprises and organizations: a database that is rigid and over-protective may render data of little value. Though these goals may seem odd, we argue that the development of solutions able to reconcile them will be an important challenge to be addressed in the next few years. We believe that the next wave of database technology will be represented by a DBMS that provides high-assurance privacy and security. In this paper, we elaborate on such challenges. In particular, we argue that we need to provide different views of data at a very fine level of granularity; conventional view technology is able to select only up to a single attribute value for a single tuple. We need to go even beyond this level. That is, we need a mechanism by which even a single value inside a tuple's attribute may have different views; we refer to them as micro-views. We believe that such a mechanism can be an important building block, together with other mechanisms and tools, of the next wave of database technology.

Published In

ACM SIGMOD Record  Volume 35, Issue 1
March 2006
71 pages
ISSN:0163-5808
DOI:10.1145/1121995

Publisher

Association for Computing Machinery

New York, NY, United States
