Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies

Download
2018
Turan, Uğur
Relational DBMS’scontinue to dominate th emarket an dinference problem on external schema has preserved its importance in terms of data privacy. Especially for the last 10 years, external schema construction for application-specific database usage has increased its independency from the conceptual schema, as the definitions and implementations of views and procedures have been optimized. After defining all mathematical background, this work offers an optimized decomposition strategy for the external schema, which concentrates on the privacy policy and required associations of attributes for the intended user role. The method given in this article performs a proactive decomposition for the external schema, which satisfies the inhibited and required associations of attributes. The idea is represented by using graph theory(using attribute-sets as vertices and dependencies as edges)and we redefine the problem of inference like a shared root tree finding process in between related attributes,using complete schema functional dependency graph. The optimization of decomposition aims to result in an external schema, which prevents inference of inhibited attribute sets and satisfies association of required attribute sets with minimal loss of association between other attributes. Our technique is purely proactive like a normalization stage and owing to the usage independency of external schema construction tools, it can be easily applied to any ongoing systems without rewriting data access layer of applications. Our extensive experimental analysis shows the usage of this optimized proactive strategy offers applicable timing costs, even being proactive, for a wide portion of logical schema volumes. Additionally, we shared a real-life case study to emphasize the importance of using this strategy for privacy policy preservation during external schema definition and the observed benefits after getting this technique in production.

Suggestions

Secure logical schema and decomposition algorithm for proactive context dependent attribute based inference control
Turan, Ugur; Toroslu, İsmail Hakkı; Kantarcioglu, Murat (2017-09-01)
Inference problem has always been an important and challenging topic of data privacy in databases. In relational databases, the traditional solution to this problem was to define views on relational schemas to restrict the subset of attributes and operations available to the users in order to prevent unwanted inferences. This method is a form of decomposition strategy, which mainly concentrates on the granularity of the accessible fields to the users, to prevent sensitive information inference. Nowadays, du...
Security of certificate-based protocols: focus on server authentication
Baran, Selim; Özbudak, Ferruh; Selçuk, Ali Aydın; Department of Cryptography (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
Confidence-based concept discovery in multi-relational data mining
Kavurucu, Yusuf; Karagöz, Pınar; Toroslu, İsmail Hakkı (2008-03-21)
Multi-relational data mining has become popular due to the limitations of propositional problem definition in structured domains and the tendency of storing data in relational databases. Several relational knowledge discovery systems have been developed employing various search strategies, heuristics, language pattern limitations and hypothesis evaluation criteria, in order to cope with intractably large search space and to be able to generate high-quality patterns. In this work, a new ILP-based concept dis...
Uncertainty in a nested relational database model
Yazıcı, Adnan; Buckles, BP; Petry, FE (1999-07-01)
Some database models have already been developed to deal with complex values but they have constrains that data stored is precise and queries are crisp. However, as many researchers have pointed out, there is a need to present, manipulate, and query complex and uncertain data of various non-traditional database applications such as oceanography, multimedia, meteorology, office automation systems, engineering designs, expert database systems and geographic information systems. In this paper, we present a log...
ILP-based concept discovery in multi-relational data mining
Kavurucu, Yusuf; Karagöz, Pınar; Toroslu, İsmail Hakkı (Elsevier BV, 2009-11-01)
Multi-relational data mining has become popular due to the limitations of propositional problem definition in structured domains and the tendency of storing data in relational databases. Several relational knowledge discovery systems have been developed employing various search strategies, heuristics, language pattern limitations and hypothesis evaluation criteria, in order to cope with intractably large search space and to be able to generate high-quality patterns. In this work, an ILP-based concept discov...
Citation Formats
U. Turan, “Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies,” Ph.D. - Doctoral Program, Middle East Technical University, 2018.