A Formal Model of Data Privacy

  • Phiniki Stouppa
  • Thomas Studer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4378)


Information systems support data privacy by constraining users' access to public views and thereby hiding the non-public underlying data. The privacy problem is to prove that none of the private data can be inferred from the information that is made public. We present a formal definition of the privacy problem which is based on the notion of certain answers. We then investigate the privacy problem in the contexts of relational databases and ontology-based information systems.
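The certain-answer formulation can be made concrete with a brute-force check. The following is an added illustration, not code or an example from the paper: it constructs a toy private table Patients(name, disease) over a small finite domain, publishes two projection views, enumerates every instance of the private table that reproduces exactly the published view extensions (a closed-world reading of the views, assumed here for simplicity), and reports which secret tuples hold in all of them. A secret tuple that is a certain answer is inferable from the public data, which is exactly the situation the privacy problem asks us to rule out. The table, domain, view names and data are all constructed for this example.

```python
from itertools import combinations, product

# Constructed toy scenario (not from the paper): a private relation
# Patients(name, disease) over a small finite active domain.
NAMES = ("alice", "bob")
DISEASES = ("flu", "hiv")
DOMAIN = (NAMES, DISEASES)

# Public views: two projections of the private table. A view maps a
# database instance (a frozenset of tuples) to its extension.
VIEWS = {
    "patient_names": lambda db: frozenset(name for name, _ in db),
    "diseases_seen": lambda db: frozenset(disease for _, disease in db),
}


def all_instances(domain):
    """Every instance of the private relation over the finite domain."""
    universe = list(product(*domain))
    for size in range(len(universe) + 1):
        for rows in combinations(universe, size):
            yield frozenset(rows)


def consistent_instances(views, published, domain):
    """Instances that reproduce exactly the published view extensions.

    This is the closed-world reading of the views (an assumption of this
    example); an open-world variant would use 'view(db) >= published'.
    """
    return [
        db for db in all_instances(domain)
        if all(view(db) == published[name] for name, view in views.items())
    ]


def certain_answers(query, views, published, domain):
    """Tuples of `query` that hold in EVERY instance consistent with the views."""
    answers = [frozenset(query(db))
               for db in consistent_instances(views, published, domain)]
    if not answers:
        # No instance matches: the published data is inconsistent with the views.
        return frozenset()
    return frozenset.intersection(*answers)


def secret(db):
    """The secret query: the whole private table."""
    return db


def privacy_violated(secret_query, views, published, domain):
    """The privacy problem for this toy setting: is any secret tuple certain?"""
    return bool(certain_answers(secret_query, views, published, domain))


if __name__ == "__main__":
    # Only one disease appears in the public view, so both names must carry it.
    leaking = {"patient_names": frozenset({"alice", "bob"}),
               "diseases_seen": frozenset({"flu"})}
    # Two diseases appear: no single assignment is forced.
    safe = {"patient_names": frozenset({"alice", "bob"}),
            "diseases_seen": frozenset({"flu", "hiv"})}
    print("leaking:", sorted(certain_answers(secret, VIEWS, leaking, DOMAIN)))
    print("safe:", privacy_violated(secret, VIEWS, safe, DOMAIN))
```

Enumerating all instances is exponential in the size of the domain and only serves to show the definition at work; the point of the paper is to characterise the problem so that it can be decided without this enumeration, for example by query-containment or description-logic reasoning over the view definitions.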





Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Phiniki Stouppa
  • Thomas Studer

Institut für Informatik und angewandte Mathematik, Universität Bern, Neubrückstrasse 10, CH-3012 Bern, Switzerland
