Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies

2018
Turan, Uğur
Relational DBMSs continue to dominate the market, and the inference problem on the external schema has preserved its importance in terms of data privacy. Especially over the last 10 years, external schema construction for application-specific database usage has increased its independence from the conceptual schema, as the definitions and implementations of views and procedures have been optimized. After defining all the mathematical background, this work offers an optimized decomposition strategy for the external schema, which concentrates on the privacy policy and the required associations of attributes for the intended user role. The method given in this article performs a proactive decomposition of the external schema that satisfies the inhibited and required associations of attributes. The idea is represented using graph theory (with attribute sets as vertices and dependencies as edges), and we redefine the inference problem as a shared-root tree finding process between related attributes, using the complete schema functional dependency graph. The optimization of the decomposition aims to produce an external schema that prevents inference of inhibited attribute sets and satisfies the association of required attribute sets with minimal loss of association between other attributes. Our technique is purely proactive, like a normalization stage, and owing to the usage independence of external schema construction tools, it can easily be applied to any ongoing system without rewriting the data access layer of applications. Our extensive experimental analysis shows that this optimized proactive strategy offers applicable timing costs, even though it is proactive, for a wide portion of logical schema volumes. Additionally, we share a real-life case study to emphasize the importance of using this strategy for privacy policy preservation during external schema definition, and the benefits observed after putting this technique into production.

Suggestions

Secure logical schema and decomposition algorithm for proactive context dependent attribute based inference control
Turan, Ugur; Toroslu, İsmail Hakkı; Kantarcioglu, Murat (2017-09-01)
Inference problem has always been an important and challenging topic of data privacy in databases. In relational databases, the traditional solution to this problem was to define views on relational schemas to restrict the subset of attributes and operations available to the users in order to prevent unwanted inferences. This method is a form of decomposition strategy, which mainly concentrates on the granularity of the accessible fields to the users, to prevent sensitive information inference. Nowadays, du...
Content based packet filtering in linux kernel using deterministic finite automata
Bilal, Tahir; Şehitoğlu, Onur Tolga; Department of Computer Engineering (2011)
In this thesis, we present a content based packet filtering Architecture in Linux using Deterministic Finite Automata and iptables framework. New generation firewalls and intrusion detection systems not only filter or inspect network packets according to their header fields but also take into account the content of payload. These systems use a set of signatures in the form of regular expressions or plain strings to scan network packets. This scanning phase is a CPU intensive task which may degrade network p...
ILP-based concept discovery in multi-relational data mining
Kavurucu, Yusuf; Karagöz, Pınar; Toroslu, İsmail Hakkı (Elsevier BV, 2009-11-01)
Multi-relational data mining has become popular due to the limitations of propositional problem definition in structured domains and the tendency of storing data in relational databases. Several relational knowledge discovery systems have been developed employing various search strategies, heuristics, language pattern limitations and hypothesis evaluation criteria, in order to cope with intractably large search space and to be able to generate high-quality patterns. In this work, an ILP-based concept discov...
Semantic concept recognition from structured and unstructured inputs within cyber security domain
Hoşsucu, Alp Gökhan; Baykal, Nazife; Department of Information Systems (2015)
Linked data initiative has been quite successful in terms of publishing and interlinking data over ontological structures. The success is due to answering semantically rich queries over highly structured data. The utilization of linked data structures are widely used in various domains to solve the problem of producing domain specific knowledge which can be interpreted by automated agents without any human interference. Cyber security field is one of the domains that suffer from the excessiveness of the raw...
Security of certificate-based protocols: focus on server authentication
Baran, Selim; Özbudak, Ferruh; Selçuk, Ali Aydın; Department of Cryptography (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
Citation Formats
U. Turan, “Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies,” Ph.D. - Doctoral Program, Middle East Technical University, 2018.