The Community for Technology Leaders
RSS Icon
Issue No.05 - May (2013 vol.25)
pp: 987-1000
Leopoldo Bertossi , Carleton University, Ottawa
Lechen Li , Carleton University, Ottawa
We may want to keep sensitive information in a relational database hidden from a user or group thereof. We characterize sensitive data as the extensions of secrecy views. The database, before returning the answers to a query posed by a restricted user, is updated to make the secrecy views empty or a single tuple with null values. Then, a query about any of those views returns no meaningful information. Since the database is not supposed to be physically changed for this purpose, the updates are only virtual, and also minimal. Minimality makes sure that query answers, while being privacy preserving, are also maximally informative. The virtual updates are based on null values as used in the SQL standard. We provide the semantics of secrecy views, virtual updates, and secret answers (SAs) to queries. The different instances resulting from the virtually updates are specified as the models of a logic program with stable model semantics, which becomes the basis for computation of the SAs.
Semantics, Null value, Relational databases, Data privacy, Maintenance engineering, Integrated circuits, database repairs, Data privacy, views, query answering, null values, view updates, answer set programs
Leopoldo Bertossi, Lechen Li, "Achieving Data Privacy through Secrecy Views and Null-Based Virtual Updates", IEEE Transactions on Knowledge & Data Engineering, vol.25, no. 5, pp. 987-1000, May 2013, doi:10.1109/TKDE.2012.86
[1] S. Abiteboul, R. Hull, and V. Vianu, Foundations of Databases. Addison-Wesley, 1995.
[2] P. Barcelo, "Applications of Annotated Predicate Calculus and Logic Programs to Querying Inconsistent Databases," MSc thesis PUC, paperstesisk.pdf. 2002.
[3] L. Bertossi, "Consistent Query Answering in Databases," ACM Sigmod Record, vol. 35, no. 2, pp. 68-76, June 2006.
[4] L. Bertossi, "From Database Repair Programs to Consistent Query Answering in Classical Logic (Extended Abstract)," Proc. Alberto Mendelzon Int'l Workshop Foundations of Data Management (AMW '09), vol. 450, 2009.
[5] L. Bertossi, Database Repairing and Consistent Query Answering. Morgan & Claypool, 2011.
[6] J. Biskup and T. Weibert, "Confidentiality Policies for Controlled Query Evaluation," Data and Applications Security, 4602, pp. 1-13, 2007.
[7] J. Biskup and Weibert, "Keeping Secrets in Incomplete Datbabases," Int'l J. Information Sercurity, vol. 7, no. 3, pp. 199-217, 2008.
[8] J. Biskup, C. Tadros, and L. Wiese, "Towards Controlled Query Evaluation for Incomplete First-Order Databases," Proc. Sixth Int'l Conf. Foundations of Information and Knowledge Systems (FoIKS '10), pp. 230-247, 2010.
[9] L. Bravo and L. Bertossi, "Semantically Correct Query Answers in the Presence of Null Values," Proc. EDBT WS on Inconsistency and Incompleteness in Databases (IIDB '06), pp. 336-357, 2006.
[10] L. Bravo, "Handling Inconsistency in Databases and Data Integration Systems," PhD thesis, Dept. Computer Science, Carleton Univ., Thesis36.pdf, 2007.
[11] M. Caniupan and L. Bertossi, "The Consistency Extractor System: Answer Set Programs for Consistent Query Answering in Databases," Data and Knowledge Eng., vol. 69, no. 6, pp. 545-572, 2010.
[12] E.F. Codd, "Extending the Database Relational Model to Capture More Meaning," ACM Trans. Database Systems, vol. 4, no. 4, pp. 397-434, 1979.
[13] S. Cosmadakis and C. Papadimitrioud, "Updates of Relational Views," J. ACM, vol. 31, no. 4, pp. 742-760, 1984.
[14] J. Chomicki and J. Marcinkowski, "Minimal-Change Integrity Maintenance Using Tuple Deletions," Information and Computation, vol. 197, nos. 1/2, pp. 90-121, 2005.
[15] M. Gelfond and V. Lifschitz, "Classical Negation in Logic Programs and Disjunctive Databases," New Generation Computing, vol. 9, pp. 365-385, 1991.
[16] M. Gelfond and N. Leone, "Logic Programming and Knowledge Representation: The A-Prolog Perspective," Artificial Intelligence, vol. 138, nos. 1/2, pp. 3-38, 2002.
[17] A. Gupta and I. Singh Mumick, "Maintenance of Materialized Views: Problems, Techniques, and Applications," IEEE Data Eng. Bull., vol. 18, no. 2, pp. 3-18, June 1995.
[18] T. Imielinski and W. Lipski Jr., "Incomplete Information in Relational Databases," J. ACM, vol. 31, no. 4, pp. 761-791, 1984.
[19] K. LeFevre, R. Agrawal, V. Ercegovac, R. Ramakrishnan, Y. Xu, and D. DeWitt, "Limiting Disclosure in Hippocratic Databases," Proc. Int'l Conf. Very Large Data Bases (VLDB '04), pp. 108-119, 2004.
[20] J. Lechtenbörger and G. Vossen, "On the Computation of Relational View Complements," Proc. ACM Symp. Principles of Database Systems (PODS '02), pp. 142-149, 2002.
[21] J. Lechtenbörger, "The Impact of the Constant Complement Approach towards View Updating," Proc. ACM Symp. Principles of Database Systems (PODS '03), pp. 49-55, 2003.
[22] N. Leone, G. Pfeifer, W. Faber, T. Eiter, G. Gottlob, S. Perri, and F. Scarcello, "The DLV System for Knowledge Representation and Reasoning," ACM Trans. Computational Logic, vol. 7, no. 3, pp. 499-562, 2006.
[23] M. Levene and G. Loizou, A Guided Tour of Relational Databases and Beyond. Springer, 1999.
[24] L. Li, "Achieving Data Privacy through Virtual Updates," MSc thesis, Dept. of Computer Science, Carleton Univ., thesisLechen.pdf, 2011.
[25] A. Nash, L. Segoufin, and V. Vianu, "Views and Queries: Determinacy and Rewriting," ACM Trans. Database Systems, vol. 35, no. 3, pp. 21:1-41, 2010.
[26] R. Reiter, "Towards a Logical Reconstruction of Relational Database Theory," On Conceptual Modelling, M.L. Brodie, J. Mylopoulos, and J.W. Schmidt, eds., pp. 191-233, Springer, 1984.
[27] S. Rizvi, A. Mendelzon, S. Sudarshan, and P. Roy, "Extending Query Rewriting Techniques for Fine-Grained Access Control," Proc. ACM Int'l Conf. Management of Data (SIGMOD '04), pp. 551-562, 2004.
[28] B. Traylor and M. Gelfond, "Representing Null Values in Logic Programming," Proc. Third Int'l Symp. Logical Foundations of Computer Science (LFCS '94), pp. 341-352, 1994.
[29] Y. Vassiliou, "Null Values in Data Base Management: A Denotational Semantics Approach," Proc. ACM Int'l Conf. Management of Data (SIGMOD '79), pp. 162-169, 1979.
[30] Q. Wang, T. Yu, N. Li, J. Lobo, E. Bertino, K. Irwin, and J.-W. Byun, "On the Correctness Criteria of Fine-Grained Access Control in Relational Databases," Proc. Int'l Conf. Very large Data Bases (VLDB '07), pp. 555-566, 2007.
[31] T. Weibert, "A Framework for Inference Control in Incomplete Logic Databases," PhD thesis, Technische Univ. Dortmund, 2008.
[32] C. Zaniolo, "Database Relations with Null Values," Proc. ACM Symp. Principles of Database Systems (PODS '82), pp. 27-33, 1982.
[33] Z. Zhang and A. Mendelzon, "Authorization Views and Conditional Query Containment," Proc. Int'l Conf. Database Theory (ICDT '05), pp. 259-273, 2005.
6 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool