
The motivation and proposition of a privacy-enhancing architecture for operational databases

Published: 30 January 2007

Abstract

To date, research has focussed on privacy from a wide perspective, enabling organisations to implement various technologies that contribute to privacy protection. However, in such approaches the perspective of the data subject is often obscured in favour of meeting technical design requirements. The privacy architecture proposed in this paper is premised upon a view of privacy as unique to each individual person, changing over time and maintained through the control of personal data. This conceptualisation of privacy is evidenced by the research literature as well as various legislation. This paper establishes a requirement for a Privacy-Enhancing Technology for operational databases through a consideration of the state of practice and the relevant literature. An architecture for such a technology, which acknowledges and supports this understanding of privacy and which is based upon the Use and Disclosure Principle of the Australian privacy regulation framework, is then proposed. The architecture extends its privacy protection capabilities from primary to secondary data processing applications.


Published In

ACSW '07: Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
January 2007
189 pages

Publisher

Australian Computer Society, Inc.

Australia

Publication History

Published: 30 January 2007

Author Tags

  1. database architectures
  2. privacy
  3. regulation

Qualifiers

  • Article

Conference

ACSW '07
ACSW '07: ACSW frontiers
January 30 - February 2, 2007
Ballarat, Australia

Acceptance Rates

Overall Acceptance Rate 204 of 424 submissions, 48%

Article Metrics
  • Total Citations: 0
  • Total Downloads: 543
  • Downloads (last 12 months): 42
  • Downloads (last 6 weeks): 5

Reflects downloads up to 21 Dec 2024