Access Restriction

Author Pervaiz, Z. ♦ Aref, W.G. ♦ Ghafoor, A. ♦ Prabhu, N.
Sponsorship IEEE ♦ IEEE Comput. Soc. Tech. Committee on Data Eng ♦ IEEE Computer Society
Source IEEE Xplore Digital Library
Content type Text
Publisher Institute of Electrical and Electronics Engineers, Inc. (IEEE)
File Format PDF
Copyright Year ©1989
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Access control ♦ Privacy ♦ Semantics ♦ Data privacy ♦ Query processing ♦ Partitioning algorithms ♦ query evaluation ♦ Access control ♦ privacy ♦ $k$-anonymity
Abstract Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized user can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization of relational data to anonymize and satisfy privacy requirements, e.g., k-anonymity and l-diversity, against identity and attribute disclosure. However, privacy is achieved at the cost of precision of authorized information. In this paper, we propose an accuracy-constrained privacy-preserving access control framework. The access control policies define selection predicates available to roles while the privacy requirement is to satisfy the k-anonymity or l-diversity. An additional constraint that needs to be satisfied by the PPM is the imprecision bound for each selection predicate. The techniques for workload-aware anonymization for selection predicates have been discussed in the literature. However, to the best of our knowledge, the problem of satisfying the accuracy constraints for multiple roles has not been studied before. In our formulation of the aforementioned problem, we propose heuristics for anonymization algorithms and show empirically that the proposed approach satisfies imprecision bounds for more permissions and has lower total imprecision than the current state of the art.
Description Author affiliation :: Sch. of Electr. & Comput. Eng., Center for Educ. & Res. in Inf. Assurance & Security (CERIAS), Purdue Univ., West Lafayette, IN, USA
Author affiliation :: Dept. of Comput. Sci., Purdue's Center for Educ. & Res. in Inf. Assurance & Security (CERIAS), West Lafayette, IN, USA
Author affiliation :: Sch. of Ind. Eng., Purdue Univ., West Lafayette, IN, USA
ISSN 10414347
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2014-01-01
Publisher Place U.S.A.
Rights Holder Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Volume Number 26
Issue Number 4
Size (in Bytes) 4.04 MB
Page Count 13
Starting Page 795
Ending Page 807

Source: IEEE Xplore Digital Library