Name
Abstract | ||
|---|---|---|
We introduce operations to safely update an anatomized database. The result is a database where the view of the server satisfies standards such as k-anonymity or l-diversity, but the client is able to query and modify the original data. By exposing data where possible, the server can perform value-added services such as data analysis not possible with fully encrypted data, while still being unable to violate privacy constraints. Update is a key challenge with this model; naïve application of insertion and deletion operations reveals the actual data to the server. This paper shows how data can be safely inserted, deleted, and updated. The key ideas are that data is inserted or updated into an encrypted temporary table until enough data is available to safely decrypt, and that sensitive information of deleted tuples is left behind to ensure privacy of both deleted and undeleted individuals. This approach is proven effective in maintaining the privacy constraint against an adversarial server. The paper also gives empirical results on how much data remains encrypted, and the resulting quality of the server's (anatomized) view of the data, for various update and delete rates. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2452376.2452399 | EDBT |
Keywords | Field | DocType |
encrypted temporary table,actual data,enough data,encrypted data,data analysis,outsourced anatomized private databases,adversarial server,various update,privacy constraint,anatomized database,original data,differential privacy,privacy,security,and,record linkage | Data mining,Record linkage,Differential privacy,Tuple,Computer science,Encryption,Information sensitivity,Database,Adversarial system | Conference |
Citations | PageRank | References |
5 | 0.44 | 23 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Ahmet Erhan Nergiz | 1 | 77 | 4.27 |
| Chris Clifton | 2 | 3327 | 544.44 |
| Qutaibah M. Malluhi | 3 | 189 | 55.68 |