Issue No. 05 - May (2013 vol. 25)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TKDE.2012.86
Leopoldo Bertossi , Carleton University, Ottawa
Lechen Li , Carleton University, Ottawa
We may want to keep sensitive information in a relational database hidden from a user or group thereof. We characterize sensitive data as the extensions of secrecy views. The database, before returning the answers to a query posed by a restricted user, is updated to make the secrecy views empty or a single tuple with null values. Then, a query about any of those views returns no meaningful information. Since the database is not supposed to be physically changed for this purpose, the updates are only virtual, and also minimal. Minimality makes sure that query answers, while being privacy preserving, are also maximally informative. The virtual updates are based on null values as used in the SQL standard. We provide the semantics of secrecy views, virtual updates, and secret answers (SAs) to queries. The different instances resulting from the virtually updates are specified as the models of a logic program with stable model semantics, which becomes the basis for computation of the SAs.
Semantics, Null value, Relational databases, Data privacy, Maintenance engineering, Integrated circuits, database repairs, Data privacy, views, query answering, null values, view updates, answer set programs
L. Bertossi and L. Li, "Achieving Data Privacy through Secrecy Views and Null-Based Virtual Updates," in IEEE Transactions on Knowledge & Data Engineering, vol. 25, no. , pp. 987-1000, 2013.