The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Database-as-a-service (DAAS) is a new model for data management, where a service provider offers customers software management functionalities as well as the use of expensive hardware. This service enables data integration and access on a large scale in cloud computing infrastructures. Addressing data privacy in DAAS is considered a significant issue for any organizational database. Due to the fact...
Database outsourcing is emerging as an important trend in which the data owners ship their data to external service provider. Since a service provider is not fully trusted, security and privacy are significant issues. They can be referred to as data confidentiality, user and data privacy, query assurance and secure auditing. Among them, secure auditing takes an important role to have a secure database...
Two different approaches to defining a notion of database privacy, the generalization method and the perturbation method, have been independently studied. These two approaches are significantly different, making it hard to compare related research. In this paper, we propose a unified model that is based on the perturbation method, but which is applicable to generalized data sets. In particular, this...
Database-centric applications (DCAs) are common in enterprise computing, and they use nontrivial databases. Testing of DCAs is increasingly outsourced to test centers in order to achieve lower cost and higher quality. When releasing proprietary DCAs, its databases should also be made available to test engineers, so that they can test using real data. Testing with real data is important, since fake...
The outsourcing of databases to third parties has become a viable alternative to traditional in-house data management. Database management by third parties including the storage and maintenance allows companies to reduce their expenses and profit from the expertise of data storage specialists. However, the price is the transfer of confidential data to third parties. The data owners need to trust the...
Two kinds of integrity measures-contamination and suppression-are introduced. Contamination measures how much untrusted information reaches trusted outputs; it is the dual of information-flow confidentiality. Suppression measures how much information is lost from outputs; it does not have a confidentiality dual. Two forms of suppression are considered: programs and channels. Program suppression measures...
This paper describes a security problem involving an online data repository which acts as a proxy for multiple companies allowing their customers to perform online services (e.g., pay invoices). The repository's host is trusted to honestly fulfil its duties in maintaining the data in a manner consistent with each companies' required services. However, the information stored by the repository remains...
The security concerns with outsourcing XML databases are well known. In the past few years researchers have proposed solutions to many of the concerns in the current outsourced database model. However one area remains relatively untouched, the securing of queries to outsourced XML databases. Most current research fails to even specify how the user will actually query the outsourced data. Therefore...
In order to validate user requirements, tests are often conducted on real data. However, developments and tests are more and more outsourced, leading companies to provide external staff with real confidential data. A solution to this problem is known as Data Scrambling. Many algorithms aim at smartly replacing true data by false but realistic ones. However, nothing has been developed to automate the...
We propose a novel model-driven application-level encryption solution to protect the privacy and confidentiality of health data in response to the growing public concern about the privacy of health data. Domain experts specify sensitive data which are to be protected by encryption in the application's domain model. Security experts specify the cryptographic parameters used for the encryption in a...
Data mining techniques are able to derive highly sensitive knowledge from unclassified data that is not even known to database holders. Usually, data mining contains the secured information such as financial and healthcare records. To handle such large private database with, data mining algorithms with privacy is required. The privacy preserving becomes important concern when we dealing security related...
The electronic identity (eID) is being positioned to be a basic tool for identification, authentication and authorization in application domains ranging from eCommerce in private sector to eGovernance in public sector. A practical and flexible eID should be usable in both a network-connected online setting as well as in conventional offline situations. While improving security of communication and...
This work studies formal utility and privacy guarantees for a simple multiplicative database transformation, where the data are compressed by a random linear or affine transformation, reducing the number of data records substantially, while preserving the number of original input variables.We provide an analysis framework inspired by a recent concept known as differential privacy. Our goal is to show...
Database security has become a vital issue in modern Web applications. Critical business data in databases is an evident target for attack. Therefore, ensuring the confidentiality, privacy and integrity of data is a major issue for the security of database systems. Recent high profile data thefts have shown that perimeter defenses are insufficient to secure sensitive data. This paper studies security...
K-anonymity is one simple and efficient method to achieve sensitive data protected in data sharing application. The traditional k-anonymity techniques, however, have all tuples of publishing database involve in anonymity generalize which lead to reduce the precision of publishing table. This paper firstly proposes a naiumlve sensitive tuple anonymity method. In this method only sensitive tuples are...
Data outsourcing or database as a service is a new paradigm for data management in which a third party service provider hosts a database as a service. The service provides data management for its customers and thus obviates the need for the service user to purchase expensive hardware and software, deal with software upgrades and hire professionals for administrative and maintenance tasks. Since using...
We propose here an efficient data mining algorithm to hide collaborative recommendation association rules when the database is updated, i.e., when a new data set is added to the original database. For a given predicted item, a collaborative recommendation association rule set [10] is the smallest association rule set that makes the same recommendation as the entire association rule set by confidence...
We present here a report on a new performance evaluation system for biometric systems, which is secure, automatic and remote. This system will provide developers in biometrics to progress in their works, avoiding problems with data protection policies related to testing, but without compromising the privacy of testing subjects. Biometric testing needs personal data to be recorded and used. Therefore...
This paper explores the difference between two types of information: personal identifiable information (PII), and non-identifiable information (NII) to argue that security, policy, and technical requirements set PII apart from NII. The paper describes databases of personal identifiable information that are built exclusively for this type of information with their own conceptual scheme, system management,...
With rapid advance of the network and data mining techniques, the protection of the confidentiality of sensitive information in a database becomes a critical issue when releasing data to outside parties. Association analysis is a powerful and popular tool for discovering relationships hidden in large data sets. The relationships can be represented in a form of frequent itemsets or association rules...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.