E-Book, Englisch, Band 29, 180 Seiten, eBook
Wang / Jajodia / Wijesekera Preserving Privacy in On-Line Analytical Processing (OLAP)
1. Auflage 2007
ISBN: 978-0-387-46274-5
Verlag: Springer US
Format: PDF
Kopierschutz: 1 - PDF Watermark
E-Book, Englisch, Band 29, 180 Seiten, eBook
Reihe: Advances in Information Security
ISBN: 978-0-387-46274-5
Verlag: Springer US
Format: PDF
Kopierschutz: 1 - PDF Watermark
Preserving Privacy for On-Line Analytical Processing addresses the privacy issue of On-Line Analytic Processing (OLAP) systems. OLAP systems usually need to meet two conflicting goals. First, the sensitive data stored in underlying data warehouses must be kept secret. Second, analytical queries about the data must be allowed for decision support purposes. The main challenge is that sensitive data can be inferred from answers to seemingly innocent aggregations of the data. This volume reviews a series of methods that can precisely answer data cube-style OLAP, regarding sensitive data while provably preventing adversaries from inferring data.
Preserving Privacy for On-Line Analytical Processing is appropriate for practitioners in industry as well as graduate-level students in computer science and engineering.
Zielgruppe
Research
Autoren/Hrsg.
Weitere Infos & Material
OLAP and Data Cubes.- Inference Control in Statistical Databases.- Inferences in Data Cubes.- Cardinality-based Inference Control.- Parity-based Inference Control for Range Queries.- Lattice-based Inference Control in Data Cubes.- Query-driven Inference Control in Data Cubes.- Conclusion and Future Direction.
Introduction (p. 1)
1.1 Background
Electronic privacy is drawing more and more attention nowadays, as evidenced by cover stories in media 1311 and initiatives of governments [70]. Public sur- veys also reflect strong concerns about potential privacy breaches. The results of recent public opinion polls show that 86% of respondents want a web site to obtain opt-in consent before collecting personal information, and 81% of respondents worry that companies may misuse the collected private data [lo].
Privacy is relevant to the business, too. Privacy concerns cause consumers to routinely abandon their shopping carts when too much personal information is being demanded. The estimated loss of internet sales due to such privacy concerns is as much as $18 billion according to analysts [36].
A failure to protect customers7 privacy will eventually become the breach of laws due to upcoming privacy legislation, such as the Health Insurance Portability and Accountability Act (HIPAA) enacted by the US. Congress in 1996. One of the efforts in reducing the privacy concerns of internet consumers is the platform for privacy preferences (P3P) project by WWW Consortium, which allows a web site to provide machine-readable privacy policies [19].
The web browser of a consumer can thus determine if the provided privacy policies may satisfy the consumer's privacy preferences by comparing the two in an automated way. However, P3P only helps companies in making promises, but it does not enforce them to keep those promises 1231. Unfortunately, keep- ing one's promises is usually easier said then done.
Privacy breaches may occur in various ways after personal data have been collected and stored in the enterprise's data warehouses. The data may be intentionally misused by the company for profits, violating the privacy policies under which the data have been collected. Such intentional misuses can be addressed by privacy legislation. The data may also be stolen by attackers that infiltrate the system through exploiting existing vulnerabilities. Such outsider attacks can be addressed by defensive mechanisms such as firewalls and intrusion detection systems.
More challenging threats are usually from the insiders who need limited accesses to the data. For example, a company may want to study the shop ping preferences of its customers to facilitate upsale. The company invites a third party analyst for this purpose. Without sufficient security mechanisms safeguarding the data, the analyst may obtain and later misuse the personal information about the customers.
Such disclosures of sensitive infor- mation is undesired, because it may lead to privacy breaches of individuals and consequently causes damages to the company's interest. On the other hand, companies collect data not just to occupy hard disks. They need to analyze the data and extract useful knowledge from it. Hence, the data in appropriate formats should be readily available to authorized users. How to prevent privacy breaches caused by inappropriate disclosures of sensitive in- formation while not adversely impacting the availability of data to legitimate users is the main topic of this book.
Among various ways of data analysis, OLAP (On-line Analytic Processing) is one of the most popular techniques. OLAP helps analysts to extract useful knowledge from a large amount of data. It allows analysts to gain insights to different perspectives of the data. This is achieved by aggregating data along multiple dimensions. Aggregations at different levels can be organized into a data cube [37].
