Abstract
In a centralized setting, the declarative nature of SQL is a major strength: a user can simply describe what she wants to retrieve, and need not worry about how the resulting query plan is generated and executed. In a decentralized setting, however, two query plans that produce the same result may reveal vastly different information about the intensional description of a user's query to the servers participating in its evaluation. Where a user considers portions of her query to be sensitive, this is clearly problematic. In this paper, we address the specification and enforcement of querier privacy constraints on the execution of distributed database queries. We formalize a notion of intensional query privacy called (I,A)-privacy, and extend the syntax of SQL to allow users to enforce strict (I,A)-privacy constraints or partially ordered privacy/performance preferences over the execution of their queries.
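The leakage problem the abstract describes can be made concrete with a small model of distributed evaluation. The following Python block is an added illustration, not the paper's code, its (I,A)-privacy formalism, or its SQL extension: it evaluates one constructed two-server join query under two result-equivalent plans and records what each server observes. The server names (`hr`, `insurer`), tables, rows and the predicate `dept = 'oncology'` are all constructed for the example.

```python
"""Added illustration: two result-equivalent distributed query plans that
reveal different information about the query's intension to the servers
evaluating it. Constructed data; not the paper's code or syntax.

Constructed query (standard SQL, for reference):
    SELECT c.amount
    FROM   employees e, claims c
    WHERE  e.emp_id = c.emp_id AND e.dept = 'oncology'
The constant 'oncology' is the part of the query the user considers
sensitive."""

from dataclasses import dataclass, field

# Constructed sample relations, one per (hypothetical) server.
EMPLOYEES = [  # hosted by server "hr"
    {"emp_id": 1, "name": "alice", "dept": "oncology"},
    {"emp_id": 2, "name": "bob", "dept": "radiology"},
    {"emp_id": 3, "name": "carol", "dept": "oncology"},
]
CLAIMS = [  # hosted by server "insurer"
    {"emp_id": 1, "amount": 1200},
    {"emp_id": 2, "amount": 300},
    {"emp_id": 3, "amount": 4500},
    {"emp_id": 1, "amount": 80},
]


@dataclass
class Server:
    """A data server that logs every request it receives from the querier."""
    name: str
    table: list
    observed: list = field(default_factory=list)

    def scan(self):
        # A full scan reveals nothing about the predicate or the join key.
        self.observed.append("full scan")
        return list(self.table)

    def select(self, column, value):
        # A pushed-down selection reveals the column and constant used.
        self.observed.append(f"select {column} = {value!r}")
        return [r for r in self.table if r[column] == value]


def run_plan(plan, hr, insurer):
    """Evaluate the constructed query under the named plan.

    Returns the sorted claim amounts so the two plans can be compared for
    result equivalence; what each server learned is left in its `observed`
    log."""
    if plan == "push_down":
        # Selection is shipped to hr, and the matching ids are shipped to
        # insurer one by one (a semi-join). Cheap, but both servers learn
        # something: hr sees the sensitive constant, insurer sees which ids
        # the user cares about.
        matched = hr.select("dept", "oncology")
        claims = []
        for emp_id in sorted(r["emp_id"] for r in matched):
            claims.extend(insurer.select("emp_id", emp_id))
    elif plan == "fetch_all":
        # Both relations are fetched whole and joined/filtered at the
        # querier. Expensive, but each server only sees a full scan.
        employees = hr.scan()
        all_claims = insurer.scan()
        wanted = {r["emp_id"] for r in employees if r["dept"] == "oncology"}
        claims = [c for c in all_claims if c["emp_id"] in wanted]
    else:
        raise ValueError(f"unknown plan {plan!r}")
    return sorted(c["amount"] for c in claims)


def evaluate(plan):
    """Run `plan` on fresh servers; return (result, {server: observed})."""
    hr = Server("hr", EMPLOYEES)
    insurer = Server("insurer", CLAIMS)
    result = run_plan(plan, hr, insurer)
    return result, {s.name: list(s.observed) for s in (hr, insurer)}


if __name__ == "__main__":
    for plan in ("push_down", "fetch_all"):
        result, observed = evaluate(plan)
        print(plan, "->", result)
        for server, log in observed.items():
            print("   ", server, "saw", log)
```

Both plans return the same amounts, but under `push_down` the `hr` server learns the constant `'oncology'` and the `insurer` server learns exactly which employee ids the user is interested in, whereas under `fetch_all` neither server sees more than a full scan. The price is shipping both relations to the querier, which is the privacy/performance tension the abstract's partially ordered preferences are meant to let the user resolve.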
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Farnan, N.L., Lee, A.J., Chrysanthis, P.K., Yu, T. (2011). Don’t Reveal My Intension: Protecting User Privacy Using Declarative Preferences during Distributed Query Processing. In: Atluri, V., Diaz, C. (eds) Computer Security – ESORICS 2011. ESORICS 2011. Lecture Notes in Computer Science, vol 6879. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23822-2_34
DOI: https://doi.org/10.1007/978-3-642-23822-2_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23821-5
Online ISBN: 978-3-642-23822-2