140 likes | 285 Vues
CS573 Data Privacy and Security. Secure data outsourcing – Combining encryption and fragmentation. Combining Fragmentation and Encryption for outsourcing. Breaking sensitive associations between attributes. Confidentiality Constraints. Example: constraint { DoB , Zip, Illness}
E N D
CS573 Data Privacy and Security Secure data outsourcing – Combining encryption and fragmentation
Combining Fragmentation and Encryption for outsourcing • Breaking sensitive associations between attributes
Confidentiality Constraints • Example: constraint {DoB, Zip, Illness} • Okay to release {DoB, Zip}, {Zip}, …
Basic ideas • Singleton constraints • encryption • Association constraints • encryption of any one attribute • Fragmentation of the attributes
Fragmentation • Classical distributed database design problem (vertical fragmentation) • Total number of possible fragmentations given N attributes? • What would be an optimal fragmentation?
Optimal fragmentation • Correctly enforce constraints • Maximal visibility • Minimal fragmentation • Maximal attribute affinity • Problem is NP hard
Algorithm without confidentiality constraints • Without confidentiality constraints - Hierarchical clustering • With confidentiality constraints? • {s}, {n,d}, {n,z}, {n, i}, {n, p}, {d, z, i}, {d, z, p}
References • Combining fragmentation and encryption to protect privacy in data storage, TISSEC, 2010 • Fragmentation design for efficient query execution over sensitive distributed databases, ICDCS, 2009