复旦大学：《数据库新技术》PPT教学课件_隐私保护技术 Privacy Preserving in Data Management and Publication

Privacy Preserving in Data Management and Publication ●●●●● ●●●● ●●。●●

1 Privacy Preserving in Data Management and Publication

●●●●● ●●●● ●●0 Reference ●●● ●●●● Kristen LeFevre, David J. DeWitt, Raghu Ramakrishnan Incognito: Efficient Full-Domain K-Anonymity, SIGMOD 2005 Ashwin Machanavajhala, Johannes Gehrke, Daniel Kifer Diversity: Privacy Beyond k-Anonymity, ICDE06 Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu, Hippocratic Databases, VLdb 2002 Kristen LeFevrey, Rakesh Agrawal, Vuk Ercegovac, Raghu Ramakrishnan, Yirong Xu, David DeWitt, Limiting Disclosure in Hippocratic Databases, VLDB 2004

2 Reference ⚫ Kristen LeFevre, David J. DeWitt, Raghu Ramakrishnan, Incognito: Efficient Full-Domain K-Anonymity, SIGMOD 2005 ⚫ Ashwin Machanavajjhala, Johannes Gehrke, Daniel Kifer, l￾Diversity: Privacy Beyond k-Anonymity, ICDE’06 ⚫ Rakesh Agrawal, Jerry Kiernan, Ramakrishnan Srikant, Yirong Xu, Hippocratic Databasees, VLDB 2002 ⚫ Kristen LeFevrey, Rakesh Agrawal, Vuk Ercegovac, Raghu Ramakrishnan, Yirong Xu, David DeWitt, Limiting Disclosure in Hippocratic Databases, VLDB 2004

●●●●● ●●●● ●●0 Background ●●● ●●●● o Privacy has become an important issue in many area ●E- Commerce e Healthcare data management e Personal information management Research topics Privacy in data management K-anonymity Privacy preserving data mining

3 Background ⚫ Privacy has become an important issue in many area ⚫ E-Commerce ⚫ Healthcare data management ⚫ Personal information management ⚫ … ⚫ Research topics ⚫ Privacy in data management ⚫ K-anonymity ⚫ Privacy preserving data mining

●●●●● ●●●● ●●0 Privacy Regulations ●●● ●●●● United States Privacy Act(1974) e fair Information Practices Applies to federal agencies ● Requirements Permit an individual to determine what personal records are collected. maintained. used or disseminated Permit an individual to prevent personal records collected for one purpose from being used for another purpose( without consent) Permit an individual to access records about him and to correct these records Collect personal information in a lawful way, and incorporate safeguards preventing misuse Make exceptions only when there is a public policy need Be subject to civil suit for violating this Act

4 Privacy Regulations ⚫ United States Privacy Act (1974) ⚫ Fair Information Practices ⚫ Applies to federal agencies ⚫ Requirements ⚫ Permit an individual to determine what personal records are collected, maintained, used, or disseminated ⚫ Permit an individual to prevent personal records collected for one purpose from being used for another purpose (without consent) ⚫ Permit an individual to access records about him, and to correct these records ⚫ Collect personal information in a lawful way, and incorporate safeguards preventing misuse ⚫ Make exceptions only when there is a public policy need ⚫ Be subject to civil suit for violating this Act

●●●●● ●●●● ●●0 Privacy Regulations ●●● ●●●● e Recent privacy documents o 1996 Health Insurance Portability and Accountability Act(HIPAA) 1999 Gramm-Leach-Bliley Financial Services Modernization Act o 2000 Personal Information protection and Electronic Documents Act(PIPEDA) 2003 Personal Information Protection Act(PIPA)

5 Privacy Regulations ⚫ Recent privacy documents ⚫ 1996 Health Insurance Portability and Accountability Act (HIPAA) ⚫ 1999 Gramm-Leach-Bliley Financial Services Modernization Act ⚫ 2000 Personal Information Protection and Electronic Documents Act (PIPEDA) ⚫ 2003 Personal Information Protection Act (PIPA)

●●●●● ●●●● Privacy in data management 9:80 ●●●● ●Task Preventing disclosure of private information while database query Privacy vs access control Privacy Application purpose oriented Users requirement e Access control security database e Data oriented Hippocratic Databases A prototype database system from the Intelligent Information Systems Group of IBM Almaden Research Center

6 Privacy in data management ⚫ Task ⚫ Preventing disclosure of private information while database query ⚫ Privacy vs access control ⚫ Privacy ⚫ Application purpose oriented ⚫ Users requirement ⚫ Access control & security database ⚫ Data oriented ⚫ Hippocratic Databases ⚫ A prototype database system from the Intelligent Information Systems Group of IBM Almaden Research Center

●●●●● ●●●● ●●0 ippocratic Databases ●●● ●●●● ● Background o The Hippocratic Oath has guided the conduct of physicians for centuries. Inspired by its tenet of preserving privacy, we argue that future database systems must include responsibility for the privacy of data Propose a strawman design for Hippocratic databases identify the technical challenges and problems in designing such databases, will serve to catalyze a fruitful and exciting direction for future database research

7 Hippocratic Databases ⚫ Background ⚫ The Hippocratic Oath has guided the conduct of physicians for centuries. Inspired by its tenet of preserving privacy, we argue that future database systems must include responsibility for the privacy of data. ⚫ Propose a strawman design for Hippocratic databases, identify the technical challenges and problems in designing such databases, will serve to catalyze a fruitful and exciting direction for future database research

●●●●● Ten Principles of Privacy ●●●● ●●0 ●●● ●●●● o Purpose Specification The purposes for which the information has been collected shall be associated with that information o Questions like"why specific data is being collected ?)must be answered

8 Ten Principles of Privacy ⚫ Purpose Specification ⚫ The purposes for which the information has been collected shall be associated with that information. ⚫ Questions like “why specific data is being collected?” must be answered

●●●●● Ten Principles of Privacy ●●●● ●●0 ●●● ●●●● ● Consent o The donor of the information must provide his consent for usage of the data they have provided for the specific purpose Example: a user can give consent for his information to be released for research purposes

9 Ten Principles of Privacy ⚫ Consent ⚫ The donor of the information must provide his consent for usage of the data they have provided for the specific purpose. ⚫ Example: A user can give consent for his information to be released for research purposes

●●●●● Ten Principles of Privacy ●●●● ●●0 ●●● ●●●● ● Limited co| ection o The personal information collected shall be limited to the minimum necessary for accomplishing the specified purposes. o Example: For medical records, requirement of information like which car the patient drives is absurd and not required

10 Ten Principles of Privacy ⚫ Limited Collection ⚫ The personal information collected shall be limited to the minimum necessary for accomplishing the specified purposes. ⚫ Example: For medical records, requirement of information like which car the patient drives is absurd, and not required