Achieving Data Privacy through Secrecy Views and Null-Based Virtual Updates
Abstract
We may want to keep sensitive information in a relational database hidden from a user or group thereof. We characterize sensitive data as the extensions of secrecy views. The database, before returning the answers to a query posed by a restricted user, is updated to make the secrecy views empty or a single tuple with null values. Then, a query about any of those views returns no meaningful information. Since the database is not supposed to be physically changed for this purpose, the updates are only virtual, and also minimal. Minimality makes sure that query answers, while being privacy preserving, are also maximally informative. The virtual updates are based on null values as used in the SQL standard. We provide the semantics of secrecy views, virtual updates, and secret answers (SAs) to queries. The different instances resulting from the virtually updates are specified as the models of a logic program with stable model semantics, which becomes the basis for computation of the SAs.
Más información
Título según WOS: | ID WOS:000316755100003 Not found in local WOS DB |
Título de la Revista: | IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING |
Volumen: | 25 |
Número: | 5 |
Editorial: | IEEE COMPUTER SOC |
Fecha de publicación: | 2013 |
Página de inicio: | 987 |
Página final: | 1000 |
DOI: |
10.1109/TKDE.2012.86 |
Notas: | ISI |