Abstract
When data providers are allowed to specify the privacy purposes for the data they enter into a database, this information must be stored in the database and dealt with by database operators. We introduce four storage designs incorporating sets of intended privacy purposes in a table in a relational database, and perform experiments to study their performance when executing select, insert, update and delete using the storage designs. A thorough discussion of the tradeoffs exposed is given.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Benchmark Factory for Databases, http://www.quest.com/benchmark-factory/ (last accessed August 2011)
Samples and Sample Databases (SQL.90).aspx, http://technet.microsoft.com/en-us/library/ms124501SQL.90.aspx (last accessed September 2011)
Al-Harbi, A.L., Osborn, S.L.: Mixing privacy with role-based access control. In: Proceedings of the Fourth International C* Conference on Computer Science & Software Engineering, C3S2E 2011, Montreal, Quebec, Canada, May 16-18, pp. 1–7 (2011)
Byun, J.-W., Li, N.: Purpose based access control for privacy protection in relational database systems. VLDB J. 17(4), 603–619 (2008)
Jajodia, S., Sandhu, R.S.: Towards a multilevel secure relational data model. In: Proceedings of the 1991 ACM SIGMOD International Conference on Management of Data, Denver, Colorado, May 29-31, pp. 50–59 (1991)
Lunt, T.F., Denning, D.E., Schell, R.R., Heckman, M., Shockley, W.R.: The SeaView security model. IEEE Trans. Softw. Eng. 16, 593–607 (1990)
Ni, Q., Trombetta, A., Bertino, E., Lobo, J.: Privacy-aware role based access control. In: Proceedings ACM SACMAT, pp. 41–50 (2007)
Notargiacomo, L.: Architectures for mls database management systems. In: Information Security: An Integrated Collection of Essays, pp. 439–459. IEEE Computer Society Press (1995)
Özsoyoglu, G., Snodgrass, R.T.: Temporal and real-time databases: A survey. IEEE Trans. Knowl. Data Eng. 7(4), 513–532 (1995)
Samarati, P., Sweeney, L.: Generalizing data to provide anonymity when disclosing information (abstract). In: Proceedings of the Seventeenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, Seattle, Washington, June 1-3, p. 188. ACM Press (1998)
Sandhu, R.: Lattice-based access control models. IEEE Computer 26, 9–19 (1993)
Smith, K., Winslett, M.: Entity modeling in the MLS relational model. In: Yuan, L.-Y. (ed.) 18th International Conference on Very Large Data Bases, August 23-27, pp. 199–210. Morgan Kaufmann (1992)
Sweeney, L.: Achieving k-anonymity privacy protection using generalization and suppression. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 10(5), 571–588 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mahmud, M.S., Osborn, S.L. (2012). Tradeoff Analysis of Relational Database Storage of Privacy Preferences. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2012. Lecture Notes in Computer Science, vol 7482. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32873-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-32873-2_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32872-5
Online ISBN: 978-3-642-32873-2
eBook Packages: Computer ScienceComputer Science (R0)