Issue No.05 - May (2013 vol.25)
Leopoldo Bertossi , Carleton University, Ottawa
Lechen Li , Carleton University, Ottawa
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TKDE.2012.86
We may want to keep sensitive information in a relational database hidden from a user or group thereof. We characterize sensitive data as the extensions of secrecy views. The database, before returning the answers to a query posed by a restricted user, is updated to make the secrecy views empty or a single tuple with null values. Then, a query about any of those views returns no meaningful information. Since the database is not supposed to be physically changed for this purpose, the updates are only virtual, and also minimal. Minimality makes sure that query answers, while being privacy preserving, are also maximally informative. The virtual updates are based on null values as used in the SQL standard. We provide the semantics of secrecy views, virtual updates, and secret answers (SAs) to queries. The different instances resulting from the virtually updates are specified as the models of a logic program with stable model semantics, which becomes the basis for computation of the SAs.
Semantics, Null value, Relational databases, Data privacy, Maintenance engineering, Integrated circuits, database repairs, Data privacy, views, query answering, null values, view updates, answer set programs
Leopoldo Bertossi, Lechen Li, "Achieving Data Privacy through Secrecy Views and Null-Based Virtual Updates", IEEE Transactions on Knowledge & Data Engineering, vol.25, no. 5, pp. 987-1000, May 2013, doi:10.1109/TKDE.2012.86