The balance between privacy and utility is a classical problem with an increasing impact on the design of modern information systems. On the one side it is crucial to ensure that sensitive information is properly protected; on the other side, the impact of protection on the workload must be limited, as query efficiency and system performance remain a primary requirement. We address this privacy/efficiency balance by proposing an approach that, starting from a flexible definition of confidentiality constraints on a relational schema, applies encryption on information in a parsimonious way and mostly relies on fragmentation to protect sensitive associations among attributes. Fragmentation is guided by workload considerations so as to minimize the cost of executing queries over fragments. We discuss the minimization problem when fragmenting data and provide a heuristic approach to its solution.
Fragmentation design for efficient query execution over sensitive distributed databases / V. Ciriani, S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati. - In: The 29th IEEE International Conference on Distributed Computing Systems: 22-26 June 2009, Montreal, Quebec, Canada: proceedings. - Los Alamitos: Institute of Electrical and Electronics Engineers, 2009. - ISBN 9780769536590. - pp. 32-39. (Paper presented at the 29th International Conference on Distributed Computing Systems (ICDCS), held in Montreal in 2009.)
Fragmentation design for efficient query execution over sensitive distributed databases
V. Ciriani (first author); S. De Capitani di Vimercati (second author); S. Foresti; P. Samarati (last author)
2009