CS573 Data Privacy and Security
Secure data outsourcing – Combining encryption and fragmentation
Combining Fragmentation and Encryption for outsourcing
• Breaking sensitive associations between attributes
Confidentiality Constraints
• Example: constraint {DoB, Zip, Illness}
  – Okay to release {DoB, Zip}, {Zip}, …
Constraint Example
Basic ideas
• Singleton constraints
  – Encryption
• Association constraints
  – Encryption of any one attribute
  – Fragmentation of the attributes
Example
Fragmentation
• Classical distributed database design problem (vertical fragmentation)
• Total number of possible fragmentations given N attributes?
• What would be an optimal fragmentation?
Optimal fragmentation
• Correctly enforce constraints
• Maximal visibility
• Minimal fragmentation
  – Maximal attribute affinity
• Problem is NP-hard
Algorithm without confidentiality constraints
• Without confidentiality constraints - Hierarchical clustering
• With confidentiality constraints?
  – {s}, {n,d}, {n,z}, {n, i}, {n, p}, {d, z, i}, {d, z, p}
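An added example, not taken from the slides or the cited papers: a greedy heuristic that builds a fragmentation for the constraint set listed above and a checker that verifies the constraints are enforced. The attribute letters are used as given on the slide; the function names, the most-constrained-first ordering, and the requirement that fragments be disjoint (so they cannot be joined on a shared attribute) are assumptions of this example, and the result is not guaranteed to be optimal.

```python
# Attributes and constraint set as listed on the slide above.
ATTRS = ["s", "n", "d", "z", "i", "p"]
CONSTRAINTS = [{"s"}, {"n", "d"}, {"n", "z"}, {"n", "i"}, {"n", "p"},
               {"d", "z", "i"}, {"d", "z", "p"}]


def violates(fragment, constraints):
    """True if the plaintext fragment exposes every attribute of some constraint."""
    return any(c <= fragment for c in constraints)


def greedy_fragmentation(attrs, constraints):
    """Greedy heuristic (hypothetical, not optimal): returns (encrypted, fragments)."""
    # A singleton constraint can only be satisfied by encrypting the attribute.
    encrypted = {a for a in attrs if {a} in constraints}
    assoc = [c for c in constraints if len(c) > 1]
    # Place the attributes that appear in the most constraints first.
    order = sorted((a for a in attrs if a not in encrypted),
                   key=lambda a: -sum(a in c for c in assoc))
    fragments = []
    for a in order:
        for frag in fragments:
            # Reuse an existing fragment only if no association becomes visible.
            if not violates(frag | {a}, assoc):
                frag.add(a)
                break
        else:
            fragments.append({a})  # no safe fragment exists: open a new one
    return encrypted, fragments


def is_correct(attrs, constraints, encrypted, fragments):
    """Check that every constraint is enforced and no attribute is lost."""
    plain = [a for f in fragments for a in f]
    disjoint = len(plain) == len(set(plain))   # assumption: no shared attributes
    complete = set(plain) | set(encrypted) == set(attrs)
    no_leak = not any(violates(f, constraints) for f in fragments)
    return disjoint and complete and no_leak


if __name__ == "__main__":
    enc, frags = greedy_fragmentation(ATTRS, CONSTRAINTS)
    print("encrypted:", sorted(enc))
    print("fragments:", [sorted(f) for f in frags])
    print("correct:", is_correct(ATTRS, CONSTRAINTS, enc, frags))
```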
References
• Combining fragmentation and encryption to protect privacy in data storage, TISSEC, 2010
• Fragmentation design for efficient query execution over sensitive distributed databases, ICDCS, 2009