CS346: Advanced Databases

1 CS346: Advanced Databases
Alexandra I. Cristea
Data Security and Privacy

2 Outline
- Chapter: Database Security in Elmasri and Navathe (chapter 24, 6th Edition)
- Brief overview of database security
- More detailed study of database privacy
  - Statistical databases, and differential privacy to protect data
  - Data anonymization: k-anonymity and l-diversity
- Why?
  - A topical issue: privacy and security are big concerns
  - Connections to computer security, statistics

3 Database Security and Privacy
Database Security and Privacy is a large and complex area, covering:
- Legal and ethical requirements for data privacy
  - E.g. UK Data Protection Act (1998)
  - Determines for how long data can be retained about people
- Government and organisation policy issues on data sharing
  - E.g. when and how credit reports, medical data can be shared
- System-level issues for security management
  - How is access to data controlled by the system?
- Classification of data by security levels (secret, unclassified)
  - How to determine if access to data is permitted?

4 Threats to Databases
Databases face many threats which must be protected against:
- Integrity: prevent improper modification of the data
  - Caused by intention or accident, insider or outsider threat
  - Erroneous data can lead to incorrect decisions, fraud, errors
- Availability: is the data available to users and programs?
  - Denial of service attacks prevent access, cost revenue/reputation
- Confidentiality: protect data from unauthorized disclosure
  - Leakage of information could violate law, customer confidence
Sometimes referred to as the CIA triad

5 Control measures
Security is provided by control measures of various types:
- Access control: affect who can access the data / the system
  - Different users may have different levels of access
- Inference control: control what data implies about individuals
  - Try to make it impossible to infer facts about individuals
- Flow control: prevent information from escaping the database
  - E.g. can data be transferred to other applications?
  - Control covert channels that can be used to leak data
- Data Encryption: store encrypted data in the database
  - At the field level or at the whole file level
  - Trade-off between security and ease of processing

6 Information Security and Information Privacy
The dividing line between security and privacy is hard to draw
- Security: prevent unauthorised use of system and data
  - E.g. access controls to lock out unauthorised users
  - E.g. encryption to hide data from those without the key
- Privacy: control the use of data
  - Ensure that private information does not emerge from queries
  - Ability of individuals to control the use of their data
Will focus on database privacy for the remainder

7 Statistical Databases and Privacy
- Statistical databases keep data on large groups
  - E.g. national population data (Office of National Statistics)
- The raw data in statistical databases is confidential
  - Detailed data about individuals, e.g. from census
- Users are permitted to retrieve statistics from the data
  - E.g. averages, sums, counts, maximum values etc.
- Providing security for statistical databases is a big challenge
  - Many crafty ways to extract private information from them
  - The database should prevent queries that leak information

8 Statistical Database challenges
- Very specific queries can refer to a single person, e.g.
    SELECT AVG(Salary) FROM EMPLOYEE WHERE AGE=22 AND POSTCODE='W1A 1AA' AND DNO=5;  -- result: 45,000
    SELECT COUNT(*) FROM EMPLOYEE WHERE AGE=22 AND POSTCODE='W1A 1AA' AND DNO=5 AND SALARY>40000;  -- result: 1
- How would you detect and reject such queries?
- Can arrange queries where the difference is small
    SELECT COUNT(*) FROM EMPLOYEE WHERE AGE>=22 AND DNO=5 AND SALARY>40000;  -- result: 12
    SELECT COUNT(*) FROM EMPLOYEE WHERE AGE>=23 AND DNO=5 AND SALARY>40000;  -- result: 11
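
One way a gatekeeper could detect and reject both kinds of query from slide 8, as an added example that is not part of the lecture: a query-set-size restriction plus an audit of previously answered query sets. The EMPLOYEE rows, the threshold of 5 and the `Gatekeeper` class are assumptions made for illustration; the rows are constructed so that the counts match the slide (1, 12 and 11).

```python
import sqlite3

# Constructed sample data: (ID, AGE, POSTCODE, DNO, SALARY). One 22-year-old in
# department 5, eleven older colleagues, eight rows from another department.
ROWS = [(1, 22, "W1A 1AA", 5, 45000)]
ROWS += [(i, 21 + i, "CV4 7AL", 5, 40000 + 1000 * i) for i in range(2, 13)]
ROWS += [(i, 30 + i % 7, "B1 1AA", 4, 35000) for i in range(13, 21)]


class Gatekeeper:
    """Answers COUNT queries only when the query set is safe to count.

    Hypothetical helper: min_size is an assumed policy threshold.
    """

    def __init__(self, rows, min_size=5, audit=True):
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE EMPLOYEE (ID INTEGER PRIMARY KEY, AGE INTEGER, "
            "POSTCODE TEXT, DNO INTEGER, SALARY INTEGER)"
        )
        self.db.executemany("INSERT INTO EMPLOYEE VALUES (?, ?, ?, ?, ?)", rows)
        self.total = len(rows)
        self.min_size = min_size
        self.audit = audit
        self.answered = []  # query sets (row IDs) of every answered query

    def count(self, where, params=()):
        """Return (count, reason); count is None when the query is refused.

        `where` is a predicate in the agreed query language with ? placeholders;
        values are always bound as parameters.
        """
        cur = self.db.execute(f"SELECT ID FROM EMPLOYEE WHERE {where}", params)
        ids = frozenset(row[0] for row in cur)

        # Size restriction: refuse sets that are too small, and sets so large
        # that their complement is too small.
        if not self.min_size <= len(ids) <= self.total - self.min_size:
            return None, "query set size outside allowed range"

        # Differencing audit: refuse a set that differs from an already
        # answered set by only a handful of rows.
        if self.audit:
            for prev in self.answered:
                if 0 < len(ids ^ prev) < self.min_size:
                    return None, "differs from an answered query by too few rows"

        self.answered.append(ids)
        return len(ids), "ok"


def demo():
    """Run the three COUNT queries from slide 8 against both policies."""
    single = ("AGE=? AND POSTCODE=? AND DNO=? AND SALARY>?", (22, "W1A 1AA", 5, 40000))
    q22 = ("AGE>=? AND DNO=? AND SALARY>?", (22, 5, 40000))
    q23 = ("AGE>=? AND DNO=? AND SALARY>?", (23, 5, 40000))

    size_only = Gatekeeper(ROWS, audit=False)
    audited = Gatekeeper(ROWS, audit=True)
    return {
        "single": audited.count(*single),
        "size_only": (size_only.count(*q22)[0], size_only.count(*q23)[0]),
        "audited": (audited.count(*q22), audited.count(*q23)),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The size check alone answers both range queries (12 and 11), so the pair still isolates one row; the audit refuses the second query because its query set differs from the first by a single employee.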

9 Differential Privacy for Statistical Databases
- Principle: query answers reveal little about any individual
  - Even if adversary knows (almost) everything about everyone else!
- Thus, individuals should be secure about contributing their data
  - What is learnt about them is about the same either way
- Much work on providing differential privacy (DP)
  - Simple recipe for some data types (e.g. numeric answers)
  - Simple rules allow us to reason about composition of results
  - More complex algorithms for arbitrary data
- Adopted and used by several organizations:
  - US Census, Common Data Project, Facebook (?)

10 Differential Privacy Definition
The output distribution of a differentially private algorithm changes very little whether or not any individual's data is included in the input, so you should contribute your data

11 Laplace Mechanism
- The Laplace Mechanism adds random noise to query results
  - Scaled to mask the contribution of any individual
- Add noise from a symmetric continuous distribution to true answer
- Laplace distribution is a symmetric exponential distribution
- Laplace provides DP for COUNT queries, as shifting the distribution changes the probability by at most a constant factor

12 Sensitivity of Numeric Functions
- For more complex functions, we need to calibrate the noise to the influence an individual can have on the output
- The (global) sensitivity of a function F is the maximum (absolute) change over all possible adjacent inputs:
  $S(F) = \max_{D, D' : |D - D'| = 1} |F(D) - F(D')|$
- Intuition: S(F) characterizes the scale of the influence of one individual, and hence how much noise we must add
- S(F) is small for many common functions
  - S(F) = 1 for COUNT
  - S(F) = 2 for HISTOGRAM
  - Bounded for other functions (MEAN, covariance matrix)
[Figure: histogram with bins Female, Male]
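
The Laplace mechanism of slide 11 with noise calibrated to the sensitivity S(F) of slide 12, as an added example that is not part of the lecture. The privacy parameter `epsilon` (the usual name for the constant in the "constant factor", not named on the slides), the function names, the seed and the histogram counts are assumptions; the adjacent counts 12 and 11 are the ones from slide 8.

```python
import math
import random


def laplace_noise(scale, rng):
    """Sample Laplace(0, scale) as the difference of two exponential variables."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def laplace_pdf(x, centre, scale):
    """Density of the Laplace distribution centred on the true answer."""
    return math.exp(-abs(x - centre) / scale) / (2.0 * scale)


def noisy_answer(true_value, sensitivity, epsilon, rng):
    """Laplace mechanism: add noise with scale S(F)/epsilon to the true answer."""
    return true_value + laplace_noise(sensitivity / epsilon, rng)


def noisy_histogram(counts, epsilon, rng):
    """HISTOGRAM has S(F) = 2: changing one record lowers one bin and raises another."""
    return {k: noisy_answer(v, 2.0, epsilon, rng) for k, v in counts.items()}


def max_density_ratio(count_a, count_b, epsilon, sensitivity=1.0):
    """Largest ratio between the output densities for two adjacent true counts.

    Shifting the Laplace curve by one count changes the density of any output
    by at most exp(epsilon); this evaluates the ratio on a grid of outputs.
    """
    scale = sensitivity / epsilon
    outputs = [x / 4.0 for x in range(0, 101)]  # 0.0, 0.25, ..., 25.0
    return max(
        laplace_pdf(x, count_a, scale) / laplace_pdf(x, count_b, scale)
        for x in outputs
    )


def demo(epsilon=0.5, seed=346):
    rng = random.Random(seed)  # fixed seed so the demo is repeatable
    with_person, without_person = 12, 11  # adjacent COUNT answers from slide 8
    samples = [noisy_answer(with_person, 1.0, epsilon, rng) for _ in range(20000)]
    return {
        "ratio": max_density_ratio(with_person, without_person, epsilon),
        "ratio_reversed": max_density_ratio(without_person, with_person, epsilon),
        "bound": math.exp(epsilon),
        "mean": sum(samples) / len(samples),  # noise is zero-mean
        "hist": noisy_histogram({"Female": 40, "Male": 60}, epsilon, rng),  # constructed counts
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

A real deployment would draw the noise from a cryptographically secure source rather than `random.Random`; the seeded generator is used here only so the output can be reproduced.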

13 Data Anonymization
The idea of data anonymization is compelling, has many applications
- For Data Sharing
  - Give real(istic) data to others to study without compromising privacy of individuals in the data
  - Allows third-parties to try new analysis and mining techniques not thought of by the data owner
- For Data Retention and Usage
  - Various requirements prevent companies from retaining customer information indefinitely
  - E.g. Google progressively anonymizes IP addresses in search logs
  - Internal sharing across departments (e.g. billing marketing)

14 Case Study: US Census
- Raw data: information about every US household
  - Who, where; age, gender, racial, income and educational data
- Why released: determine representation, planning
- How anonymized: aggregated to geographic areas (Zip code)
  - Broken down by various combinations of dimensions
  - Released in full after 72 years
- Attacks: no reports of successful deanonymization
  - Recent attempts by FBI to access raw data rebuffed
- Consequences: greater understanding of US population
  - Affects representation, funding of civil projects
  - Rich source of data for future historians and genealogists

15 Case Study: Netflix Prize
- Raw data: 100M dated ratings from 480K users to 18K movies
- Why released: improve predicting ratings of unlabeled examples
- How anonymized: exact details not described by Netflix
  - All direct customer information removed
  - Only subset of full data; dates modified; some ratings deleted
  - Movie title and year published in full
- Attacks: dataset is claimed vulnerable
  - Attack links data to IMDB where same users also rated movies
  - Find matches based on similar ratings or dates in both
- Consequences: rich source of user data for researchers
  - Unclear how serious the attacks are in practice

16 Case Study: AOL Search Data
- Raw data: 20M search queries for 650K users from 2006
- Why released: allow researchers to understand search patterns
- How anonymized: user identifiers removed
  - All searches from same user linked by an arbitrary identifier
- Attacks: many successful attacks identified individual users
  - Ego-surfers: people typed in their own names
  - Zip codes and town names identify an area
  - NY Times identified user as 62yr old widow
- Consequences: CTO resigned, two researchers fired
  - Well-intentioned effort failed due to inadequate anonymization

17 Last time: generalities about security, privacy; case studies privacy
Next: Anonymisation, de-identification, attacks

18 Models of Anonymization
- Interactive Model (akin to statistical databases)
  - Data owner acts as gatekeeper to data
  - Researchers pose queries in some agreed language
  - Gatekeeper gives an (anonymized) answer, or refuses to answer
- "Send me your code" model
  - Data owner executes code on their system and reports result
  - Cannot be sure that the code is not malicious
- Offline, aka "publish and be damned" model
  - Data owner somehow anonymizes data set
  - Publishes the results to the world, and retires
  - The model used in most real data releases

19 Objectives for Anonymization
- Prevent (high confidence) inference of associations
  - Prevent inference of salary for an individual in census
  - Prevent inference of individual's viewing history in video
  - Prevent inference of individual's search history in search
  - All aim to prevent linking sensitive information to an individual
- Prevent inference of presence of an individual in the data set
  - Satisfying presence also satisfies association (not vice-versa)
  - Presence in a data set can violate privacy (e.g., STD clinic patients)
- Have to consider what knowledge might be known to attacker
  - Background knowledge: facts about the data set (X has salary Y)
  - Domain knowledge: broad properties of data (illness Z rare in men)

20 Utility
- Anonymization is meaningless if utility of data not considered
  - The empty data set has perfect privacy, but no utility
  - The original data has full utility, but no privacy
- What is utility? Depends what the application is
  - For fixed query set, can look at maximum or average error
  - Problem for publishing: want to support unknown applications!
  - Need some way to quantify utility of alternate anonymizations

21 Definitions of Technical Terms
- Identifiers uniquely identify, e.g. Social Security Number (SSN)
  - Step 0: remove all identifiers
  - Was not enough for AOL search data
- Quasi-Identifiers (QI) such as DOB, Sex, ZIP Code
  - Enough to partially identify an individual in a dataset
  - DOB+Sex+ZIP unique for 87% of US Residents [Sweeney 02]
- Sensitive attributes (SA): the associations we want to hide
  - Salary in the census example is considered sensitive
  - Not always well-defined: only some search queries sensitive
  - In video, association between user and video is sensitive
  - One SA can reveal others: bonus may identify salary

22 Tabular Data Example
Census data recording incomes and demographics
SSN DOB Sex ZIP Salary /21/76 M , /13/86 F , /28/76 M , /21/76 M , /13/86 F , /28/76 F ,000
- Releasing SSN-Salary association violates individual's privacy
  - SSN is an identifier, Salary is a sensitive attribute (SA)

23 Tabular Data Example: De-Identification
- Census data: remove SSN to create de-identified table
  - Remove an attribute from the data
DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000
- Does the de-identified table preserve an individual's privacy?
  - Depends on what other information an attacker knows

24 Tabular Data Example: Linking Attack
De-identified private data + publicly available data
DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000
SSN DOB /21/ /28/76
- Cannot uniquely identify either individual's salary
  - DOB is a quasi-identifier (QI)

25 Tabular Data Example: Linking Attack
De-identified private data + publicly available data
DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000
SSN DOB Sex /21/76 M /28/76 M
- Uniquely identified one individual's salary, but not the other's
  - DOB, Sex are quasi-identifiers (QI)

26 Tabular Data Example: Linking Attack
De-identified private data + publicly available data
DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000
SSN DOB Sex ZIP /21/76 M /28/76 M
- Uniquely identified both individuals' salaries
  - [DOB, Sex, ZIP] is unique for lots of US residents [Sweeney 02]

27 Tabular Data Example: Anonymization
Anonymization through row suppression / deletion
DOB Sex ZIP Salary * * * * 4/13/86 F ,000 2/28/76 M ,000 * * * * 4/13/86 F ,000 2/28/76 F ,000
SSN DOB Sex ZIP /21/76 M
- Cannot link to private table even with knowledge of QI values
  - Missing values could take any permitted value
  - Loses a lot of information from the data

28 Tabular Data Example: Anonymization
Anonymization through QI attribute generalization

DOB      Sex  ZIP    Salary
1/21/76  M    537**  50,000
4/13/86  F    537**  55,000
2/28/76  *    537**  60,000
1/21/76  M    537**  65,000
4/13/86  F    537**  70,000
2/28/76  *    537**  75,000

SSN DOB Sex ZIP /21/76 M /28/76 M
- Cannot uniquely identify row with knowledge of QI values
  - Fewer possibilities than row suppression
  - E.g., ZIP = 537** → ZIP ∈ {53700, ..., 53799}

29 k-anonymization
- k-anonymity: Table T satisfies k-anonymity with respect to quasi-identifier QI if and only if each tuple in (the multiset) T[QI] appears at least k times
  - Protects against linking attack
- k-anonymization: Table T' is a k-anonymization of T if T' is a generalization/suppression of T, and T' satisfies k-anonymity

Table T:
DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,

Table T':
DOB      Sex  ZIP    Salary
1/21/76  M    537**  50,000
4/13/86  F    537**  55,000
2/28/76  *    537**  60,000
1/21/76  M    537**  65,000
4/13/86  F    537**  70,000
2/28/76  *    537**  75,000

30 k-anonymization and queries
- Data Analysis
  - Analysis should (implicitly) range over all possible tables
- Example question: what is the salary of individual (1/21/76, M, 53715)?
  - Best guess is 57,500 (average of 50,000 and 65,000)
- Example question: what is the maximum salary of males in 53706?
  - Could be as small as 50,000, or as big as 75,000

DOB      Sex  ZIP    Salary
1/21/76  M    537**  50,000
4/13/86  F    537**  55,000
2/28/76  *    537**  60,000
1/21/76  M    537**  65,000
4/13/86  F    537**  70,000
2/28/76  *    537**  75,000

31 Homogeneity Attack
- Issue: k-anonymity requires each tuple in (the multiset) T[QI] to appear k times, but does not say anything about the SA values
  - If (almost) all SA values in a QI group are equal, loss of privacy!
  - The problem is with the choice of grouping, not the data

DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000

Not Ok!
DOB      Sex  ZIP    Salary
1/21/76  *    537**  50,000
4/13/86  *    537**  55,000
2/28/76  *    537**  60,000
1/21/76  *    537**  50,000
4/13/86  *    537**  55,000
2/28/76  *    537**  60,000

32 Homogeneity Attack
- Issue: k-anonymity requires each tuple in (the multiset) T[QI] to appear k times, but does not say anything about the SA values
  - If (almost) all SA values in a QI group are equal, loss of privacy!
  - The problem is with the choice of grouping, not the data
  - For some groupings, no loss of privacy

DOB Sex ZIP Salary 1/21/76 M ,000 4/13/86 F ,000 2/28/76 M ,000 1/21/76 M ,000 4/13/86 F ,000 2/28/76 F ,000

Ok!
DOB Sex ZIP Salary * , * , * , * , * , * ,000

33 Homogeneity
- Intuition: A k-anonymized table T' represents the set of all possible tables T_i s.t. T' is a k-anonymization of T_i
- Lack of diversity of SA values implies that for large fraction of possible tables, some fact is true, which can violate privacy

DOB      Sex  ZIP    Salary
1/21/76  *    537**  50,000
4/13/86  *    537**  55,000
2/28/76  *    537**  60,000
1/21/76  *    537**  50,000
4/13/86  *    537**  55,000
2/28/76  *    537**  60,000

SSN DOB Sex ZIP /21/76 M

34 l-diversity
- l-diversity Principle: a table is l-diverse if each of its QI groups contains at least l well-represented values for the SA
- Frequency l-diversity: for each QI group g, no SA value should occur more than 1/l fraction of the time

DOB      Sex  ZIP    Salary
1/21/76  *    537**  50,000
4/13/86  *    537**  50,000
2/28/76  *    537**  60,000
1/21/76  *    537**  55,000
4/13/86  *    537**  55,000
2/28/76  *    537**  65,000

- Even l-diversity has its weaknesses: an adversary can use machine learning techniques to make inferences about individuals
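
A checker for the properties defined on slides 29 to 34, run before a table is published, as an added example that is not part of the lecture. The three tables are the generalized tables transcribed from slides 28, 31 and 34; the function names and the wildcard-matching rule for `*` are assumptions made for illustration.

```python
from collections import Counter, defaultdict

QI = ("DOB", "Sex", "ZIP")   # quasi-identifiers
SA = "Salary"                # sensitive attribute


def table(rows):
    return [dict(zip(QI + (SA,), r)) for r in rows]


# Generalized tables as they appear on slides 28, 31 and 34.
T_GENERALIZED = table([
    ("1/21/76", "M", "537**", 50000), ("4/13/86", "F", "537**", 55000),
    ("2/28/76", "*", "537**", 60000), ("1/21/76", "M", "537**", 65000),
    ("4/13/86", "F", "537**", 70000), ("2/28/76", "*", "537**", 75000),
])
T_HOMOGENEOUS = table([
    ("1/21/76", "*", "537**", 50000), ("4/13/86", "*", "537**", 55000),
    ("2/28/76", "*", "537**", 60000), ("1/21/76", "*", "537**", 50000),
    ("4/13/86", "*", "537**", 55000), ("2/28/76", "*", "537**", 60000),
])
T_DIVERSE = table([
    ("1/21/76", "*", "537**", 50000), ("4/13/86", "*", "537**", 50000),
    ("2/28/76", "*", "537**", 60000), ("1/21/76", "*", "537**", 55000),
    ("4/13/86", "*", "537**", 55000), ("2/28/76", "*", "537**", 65000),
])


def qi_groups(rows, qi=QI):
    """Group rows by their (generalized) quasi-identifier tuple."""
    groups = defaultdict(list)
    for row in rows:
        groups[tuple(row[a] for a in qi)].append(row)
    return groups


def k_anonymity(rows, qi=QI):
    """Largest k for which the table is k-anonymous: the smallest QI group."""
    return min((len(g) for g in qi_groups(rows, qi).values()), default=0)


def frequency_l_diversity(rows, qi=QI, sa=SA):
    """Largest l such that no SA value fills more than 1/l of any QI group."""
    best = []
    for group in qi_groups(rows, qi).values():
        most_common = max(Counter(r[sa] for r in group).values())
        best.append(len(group) // most_common)
    return min(best, default=0)


def homogeneous_groups(rows, qi=QI, sa=SA):
    """QI groups whose rows all share one SA value (homogeneity attack risk)."""
    return {
        key: group[0][sa]
        for key, group in qi_groups(rows, qi).items()
        if len({r[sa] for r in group}) == 1
    }


def matches(generalized, value):
    """True if a concrete value is covered by a generalized one ('*' is a wildcard)."""
    if generalized == "*":
        return True
    return len(generalized) == len(value) and all(
        g in ("*", v) for g, v in zip(generalized, value)
    )


def consistent_sa_values(rows, person, qi=QI, sa=SA):
    """SA values of every published row that could belong to `person`."""
    return [r[sa] for r in rows if all(matches(r[a], person[a]) for a in qi)]


if __name__ == "__main__":
    person = {"DOB": "1/21/76", "Sex": "M", "ZIP": "53715"}  # individual from slide 30
    for name, t in [("slide 28", T_GENERALIZED), ("slide 31", T_HOMOGENEOUS),
                    ("slide 34", T_DIVERSE)]:
        print(name, "k =", k_anonymity(t), "l =", frequency_l_diversity(t),
              "candidates:", consistent_sa_values(t, person))
```

All three tables are 2-anonymous, but only the slide 31 table fails the diversity check: every row consistent with the individual from slide 30 carries the same salary there, while the slide 28 table leaves the two candidates 50,000 and 65,000 whose average is the 57,500 best guess.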

35 Summary
- Concepts in database security: integrity, availability, confidentiality
- Statistical databases, and differential privacy to protect data
- Data anonymization: k-anonymity and l-diversity
  - Identifiers, Quasi-identifiers, sensitive attributes
- Recommended reading:
  - Chapter: Database Security in Elmasri and Navathe
  - "A Firm Foundation for Private Data Analysis", Cynthia Dwork
  - "k-anonymity", V. Ciriani, S. De Capitani di Vimercati, S. Foresti, and P. Samarati
More informationAnonymization: Enhancing Privacy and Security of Sensitive Data of Online Social Networks
Anonymization: Enhancing Privacy and Security of Sensitive Data of Online Social Networks Mr.Gaurav.P.R. PG Student, Dept.Of CS&E S.J.M.I.T Chitradurga, India Mr.Gururaj.T M.Tech Associate Professor, Dept.Of
More informationDATABASE SECURITY - ATTACKS AND CONTROL METHODS
DATABASE SECURITY - ATTACKS AND CONTROL METHODS Emil BURTESCU 1 PhD, Associate Professor, Department of Accounting and Management Informatics, University of Pitesti, Pitesti, Romania E-mail: emil.burtescu@yahoo.com,
More informationAn Improved Collude Attack Prevention for Data Leakage * ha.r.p
Vol.2, Issue.1, Jan-Feb 2012 pp-479-483 ISSN: 2249-6645 An Improved Collude Attack Prevention for Data Leakage * ha.r.p 1 Keerthana.P, 2 Narmadha.R.P 1 (Final ME (CSE), Sri Shakthi Institute Of Engineering
More informationPracticing Differential Privacy in Health Care: A Review
TRANSACTIONS ON DATA PRIVACY 5 (2013) 35 67 Practicing Differential Privacy in Health Care: A Review Fida K. Dankar*, and Khaled El Emam* * CHEO Research Institute, 401 Smyth Road, Ottawa, Ontario E mail
More informationPolicy-based Pre-Processing in Hadoop
Policy-based Pre-Processing in Hadoop Yi Cheng, Christian Schaefer Ericsson Research Stockholm, Sweden yi.cheng@ericsson.com, christian.schaefer@ericsson.com Abstract While big data analytics provides
More informationPrivacy and Data-Based Research
Journal of Economic Perspectives Volume 28, Number 2 Spring 2014 Pages 75 98 Privacy and Data-Based Research Ori Heffetz and Katrina Ligett On n August 9, 2006, the Technology section of the New York Times
More information7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.
Content 1.Introduction to Data and Network Security. 2. Why secure your Network 3. How Much security do you need, 4. Communication of network systems, 5. Topology security, 6. Cryptosystems and Symmetric
More information83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff
83-10-35 A New Security Model for Networks and the Internet Dan Thomsen Payoff Computer security is a matter of controlling how data is shared for reading and modifying. Type enforcement is a new security
More informationSkills Route Limited. Terms and Conditions of Use
Skills Route Limited Terms and Conditions of Use Effective Date: These Terms and Conditions are effective from 2 nd February 2016. 1 Definitions used in these Terms and Conditions Effective Date The date
More informationDISCLOSURES WEB PRIVACY POLICY
DISCLOSURES WEB PRIVACY POLICY This Privacy Policy governs your use of this website and any content, products or services made available from or through this website including any sub domains thereof ("Website").
More informationYALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467a: Cryptography and Computer Security Notes 1 (rev. 1) Professor M. J. Fischer September 3, 2008 1 Course Overview Lecture Notes 1 This course is
More informationPrivacy Policy. Effective Date: November 20, 2014
Privacy Policy Effective Date: November 20, 2014 Welcome to the American Born Moonshine website (this Site ). This policy describes the Privacy Policy (this Policy ) for this Site and describes how Windy
More informationJoint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One
Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session One Information Security- Perspective for Management Information Security Management Program Concept
More informationPRIVACY PRESERVING ASSOCIATION RULE MINING
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 10, October 2014,
More informationSecure cloud access system using JAR ABSTRACT:
Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that
More informationA GENERAL SURVEY OF PRIVACY-PRESERVING DATA MINING MODELS AND ALGORITHMS
Chapter 2 A GENERAL SURVEY OF PRIVACY-PRESERVING DATA MINING MODELS AND ALGORITHMS Charu C. Aggarwal IBM T. J. Watson Research Center Hawthorne, NY 10532 charu@us.ibm.com Philip S. Yu IBM T. J. Watson
More informationSurvey of Research on Information Security in Big Data
Survey of Research on Information Security in Big Data Zhang Hongjun 1, Hao Wenning 1, He Dengchao 1, Mao Yuxing 1 1 PLA university of Industry and Technology Nan Jing, China hdchao1989@163.com Abstract.
More informationHow to Select a National Student/Parent School Opinion Item and the Accident Rate
GUIDELINES FOR ASKING THE NATIONAL STUDENT AND PARENT SCHOOL OPINION ITEMS Guidelines for sampling are provided to assist schools in surveying students and parents/caregivers, using the national school
More informationCryptography for the Cloud
Cryptography for the Cloud ENS - CNRS - INRIA Cyber-Sécurité - SPECIF CNAM, Paris, France - November 7th, 2014 The Cloud Introduction 2 Access from Anywhere Introduction 3 Available for Everything One
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationTaxonomic Modeling of Security Threats in Software Defined Networking
Taxonomic Modeling of Security Threats in Software Defined Networking Recent advances in software defined networking (SDN) provide an opportunity to create flexible and secure next-generation networks.
More informationIY2760/CS3760: Part 6. IY2760: Part 6
IY2760/CS3760: Part 6 In this part of the course we give a general introduction to network security. We introduce widely used security-specific concepts and terminology. This discussion is based primarily
More informationData Security - Trends and Remedies
1 Overvie w of Data Anonymiz ation Points to Ponder What is data anonymization? What are the drivers for data anonymization? Here are some startling statistics on security incidents and private data breaches:
More informationADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013
ADVISORY GUIDELINES ON THE PERSONAL DATA PROTECTION ACT FOR SELECTED TOPICS ISSUED BY THE PERSONAL DATA PROTECTION COMMISSION ISSUED 24 SEPTEMBER 2013 REVISED 16 MAY 2014 PART I: INTRODUCTION AND OVERVIEW...
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationNo Free Lunch in Data Privacy
No Free Lunch in Data Privacy Daniel Kifer Penn State University dan+sigmod11@cse.psu.edu Ashwin Machanavajjhala Yahoo! Research mvnak@yahoo-inc.com ABSTRACT Differential privacy is a powerful tool for
More informationTELEFÓNICA UK LTD. Introduction to Security Policy
TELEFÓNICA UK LTD Introduction to Security Policy Page 1 of 7 CHANGE HISTORY Version No Date Details Authors/Editor 7.0 1/11/14 Annual review including change control added. Julian Jeffery 8.0 1/11/15
More informationDe-Identification of Clinical Data
De-Identification of Clinical Data Sepideh Khosravifar, CISSP Info Security Analyst IV Tyrone Grandison, PhD Manager, Privacy Research, IBM TEPR Conference 2008 Ft. Lauderdale, Florida May 17-21, 2008
More informationAccess Control Models Part I. Murat Kantarcioglu UT Dallas
UT DALLAS Erik Jonsson School of Engineering & Computer Science Access Control Models Part I Murat Kantarcioglu UT Dallas Introduction Two main categories: Discretionary Access Control Models (DAC) Definition:
More informationCOSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1
COSC344 Database Theory and Applications Lecture 23 Security and Auditing COSC344 Lecture 23 1 Overview Last Lecture Indexing This Lecture Database Security and Auditing Security Mandatory access control
More informationPrivacy Policy GetYou
Privacy Policy GetYou How We Use and Manage Your Data Key Information GetYou respects your right to privacy in the on-line world when you use our service and communicate electronically with us. We put
More informationBig Data - Security and Privacy
Big Data - Security and Privacy Elisa Bertino CS Department, Cyber Center, and CERIAS Purdue University Cyber Center! Big Data EveryWhere! Lots of data is being collected, warehoused, and mined Web data,
More informationPrivacy-preserving Data Mining: current research and trends
Privacy-preserving Data Mining: current research and trends Stan Matwin School of Information Technology and Engineering University of Ottawa, Canada stan@site.uottawa.ca Few words about our research Universit[é
More informationData Privacy and Biomedicine Syllabus - Page 1 of 6
Data Privacy and Biomedicine Syllabus - Page 1 of 6 Course: Data Privacy in Biomedicine (BMIF-380 / CS-396) Instructor: Bradley Malin, Ph.D. (b.malin@vanderbilt.edu) Semester: Spring 2015 Time: Mondays
More informationDifferential privacy in health care analytics and medical research An interactive tutorial
Differential privacy in health care analytics and medical research An interactive tutorial Speaker: Moritz Hardt Theory Group, IBM Almaden February 21, 2012 Overview 1. Releasing medical data: What could
More information