tddd17 informatjon security topic database privacy
play

TDDD17 Informatjon Security Topic: Database Privacy Olaf Hartjg - PowerPoint PPT Presentation

Oct 04, 2022 •175 likes •496 views

TDDD17 Informatjon Security Topic: Database Privacy Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Many of the slides in this slide set are adaptations of lecture slides of Prof. Johann-Christoph Freytag (Humboldt Universitt zu Berlin).

  1. TDDD17 Informatjon Security Topic: Database Privacy Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Many of the slides in this slide set are adaptations of lecture slides of Prof. Johann-Christoph Freytag (Humboldt Universität zu Berlin).

  2. What is Privacy?

  3. Defjnitjons of Privacy ● Alan Westin, Privacy and Freedom, 1967 “Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” ● Control over information ● Relevant when you give personal information on a Web site (agree to privacy policy of the Web site) ● You may not always have control – e.g., personal health information TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 4

  4. Defjnitjons of Privacy (cont’d) ● Latanya Sweeney, in Int. Journal on Uncertainty, Fuzziness and Knowledge‐based Systems, 2002 “Privacy reflects the ability of a person, organization, government, or entity to control its own space, where the concept of space takes on different contexts.” ● Examples of privacy spaces: – Physical space (e.g., against invasion) – Bodily space (e.g., medical consent) – Computer space (e.g., spam) – Web browsing space (Internet privacy) TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 5

  5. Dimensions of Privacy ● Personal privacy – Protecting a person against undue interference (e.g., physical searches) and information that violates his/her moral sense ● Territorial privacy – Protecting a physical area surrounding a person that may not be violated without the acquiescence of the person ● Informational privacy – Deals with the gathering, compilation, and selective dissemination of information TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 7

  6. Privacy and Utjlity ● Ruth Gavison, Privacy and the Limits of Law, 1980 “We start from the obvious fact that both perfect privacy and total loss of privacy are undesirable. Individuals must be in some intermediate state – a balance between privacy and interaction […] Privacy thus cannot be said to be a value in the sense that the more people have of it, the better.” ● Balance between privacy and utility – e.g., health data could be shared with medical researchers Picture source: https://www.flickr.com/photos/61056899@N06/5751301741 TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 8

  7. Example The Massachusetts Governor Privacy Breach Latanya Sweeney: Achieving k‐Anonymity Privacy Protection Using Generalization and Suppression . International Journal of Uncertainty, Fuzziness and Knowledge‐Based Systems 10(5), 2002.

  8. Massachusetus Governor Privacy Breach ● In Massachusetts, USA, the Group Insurance Commission (GIC) is responsible for purchasing health insurance for state employees ● GIC has to publish the data: GIC ZIP DOB Sex Diagnostic Medication ... TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 10

  9. Sweeney’s Experiment ● Is it always obvious that privacy is violated/breached? ● Sweeney paid $20 to buy the voter registration list for Cambridge, MA VOTER Name Address ... ZIP DOB Sex TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 11

  10. Sweeney’s Findings ● William Weld (former governor of MA) lives in Cambridge, hence is in VOTER ● 6 people in VOTER share his date of birth (dob) ● only 3 of them were man (same sex) ● Weld was the only one in that zip ● Sweeney learned Weld’s medical records! GIC ZIP DOB Sex Diagnostic Medication ... VOTER Name Address ... ZIP DOB Sex ● 87 % of US population can be identified by the combination of ZIP, DOB, and sex TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 12

  11. Basic Terminology and Goals of Database Privacy

  12. Defjnitjon: Quasi-Identjfjer A set of non-sensitive attributes QI T = { A i , …, A j } of a table T is called a quasi-identifier if these attributes can be linked with external data to uniquely identify at least one individual in the general population Ω. ZIP Age Sex Disease Name ZIP Age Sex 12211 18 M Arthritis Chris 12211 18 M 12244 19 M Cold Jack 19221 20 M ... ... ... ... T public database Name ZIP Age Sex Disease Ω = {Chris, David, Jack, … } Chris 12211 18 M Arthritis QI T = {ZIP, Age, Sex} TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 14

  13. Challenge ● Given: person-specific data T SSN Name ZIP Age Sex Disease 003 Chris 12211 18 M Arthritis 004 David 12244 19 M Cold 010 Ethan 12245 27 M Heart problem 029 Frank 12377 27 M Flu 034 Gillian 12377 27 F Arthritis 059 Helen 12391 34 F Diabetes 077 Ireen 12391 45 F Flu identifier quasi-identifier sensitive attributes ● Goal: privacy-preserving public release table T * – Information should remain practically useful Picture source: https://www.flickr.com/photos/61056899@N06/5751301741 TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 15

  14. k -Anonymity Latanya Sweeney: Achieving k‐Anonymity Privacy Protection Using Generalization and Suppression . International Journal of Uncertainty, Fuzziness and Knowledge‐Based Systems 10(5), 2002.

  15. Defjnitjon A table T satisfies k -anonymity if for every tuple t in T there exist (at least) k –1 other tuples t 1 , t 2 , …, t k –1 in T such that we have t [QI T ] = t 1 [QI T ] = t 2 [QI T ] = t k –1 [QI T ] for each quasi-identifier QI T . ZIP Age Sex Disease ZIP Age Sex Disease 12211 18 M Arthritis 122** 18-19 M Arthritis 12244 19 M Cold 122** 18-19 M Cold 12245 27 M Heart problem * 27 * Heart problem 12377 27 M Flu * 27 * Flu 12377 27 F Arthritis * 27 * Arthritis 12391 34 F Diabetes 12391 ≥ 30 F Diabetes 12391 45 F Flu 12391 ≥ 30 F Flu T 2-anonymous table T* TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 17

  16. Example ZIP Age Sex Disease 122** 18-19 M Arthritis QI group / equivalence class 122** 18-19 M Cold * 27 * Heart problem * 27 * Flu * 27 * Arthritis Name ZIP Age Sex 12391 ≥ 30 F Diabetes Chris 12211 18 M 12391 ≥ 30 F Flu Jack 19221 20 M 2-anonymous table T* public database Name ZIP Age Sex Disease Disease of Chris? Arthritis or cold? Chris 12211 18 M Arthritis Chris 12211 18 M Cold TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 18

  17. Privacy vs. Utjlity ZIP Age Sex Disease ZIP Age Sex Disease 122** 18-19 M Arthritis * ≤ 19 M Arthritis 122** 18-19 M Cold * ≤ 19 M Cold * 27 * Heart problem * 18-65 * Heart problem * 27 * Flu * 18-65 * Flu * 27 * Arthritis * 18-65 * Arthritis 12391 ≥ 30 F Diabetes 12*** ≥ 20 * Diabetes 12391 ≥ 30 F Flu 12*** ≥ 20 * Flu 2-anonymous table 2-anonymous table high information content low information content Optimization problem: achieving k -anonymity ● by hiding the minimum amount of information L. Sweeney: Achieving k‐Anonymity Privacy Protection Using Generalization and Suppression . Int. – Journal on Uncertainty, Fuzziness and Knowledge‐based Systems, 2002 – G. Aggarwal et al.: Approximation Algorithms for k‐Anonymity . Journal of Privacy Technology, 2005 TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 20

  18. Two Types of Informatjon Disclosure ● Identity disclosure: individual can be linked to a particular record in the released table – Achieved by k -anonymity ● Attribute disclosure: learning something new about an individual or a group of individuals – i.e., the released data makes it possible to infer the characteristics of an individual more accurately than it would be possible without the data release TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 21

  19. Example: Aturibute Disclosure ZIP Age Sex Disease ZIP Age Sex Disease 12211 18 M Heart disease 122** 18-19 M Heart disease 12244 19 M Heart disease 122** 18-19 M Heart disease 12245 19 M Heart disease 122** 18-19 M Heart disease 12245 27 M Cancer 12*** 27 * Cancer 12377 27 F Arthritis 12*** 27 * Arthritis 12377 27 F Diabetes 12*** 27 * Diabetes 12391 34 F Breast cancer 12391 ≥ 30 * Breast cancer 12391 45 F Flu 12391 ≥ 30 * Flu 12391 47 M Flu 12391 ≥ 30 * Flu T 3-anonymous table T* TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 22

  20. Example: Aturibute Disclosure (cont’d) ZIP Age Sex Disease 122** 18-19 M Heart disease 122** 18-19 M Heart disease 122** 18-19 M Heart disease 12*** 27 * Cancer 12*** 27 * Arthritis 12*** 27 * Diabetes Name ZIP Age Sex 12391 ≥ 30 * Breast cancer Chris 12211 18 M 12391 ≥ 30 * Flu Jack 19221 20 M 12391 ≥ 30 * Flu public database 3-anonymous table T* ZIP Age Sex Disease Disease of Chris? Chris 12211 18 M Heart disease ? → heart disease 12211 18 M Heart disease no identity no protection against 12211 18 M Heart disease disclosure attribute disclosure TDDD17 Informatjon Security – Topic: Database Privacy Olaf Hartjg 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Many of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and Navathe. Before

572 views • 24 slides
TDDD17 Informatjon Security (VT 2020) Topic: Database Encryptjon Olaf Hartjg

TDDD17 Informatjon Security (VT 2020) Topic: Database Encryptjon Olaf Hartjg

TDDD17 Informatjon Security (VT 2020) Topic: Database Encryptjon Olaf Hartjg olaf.hartjg@liu.se Limitatjons of Access Control as a means to achieve the objectives of DB security (in particular, confidentiality and integrity)

603 views • 29 slides
TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2019) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Several of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and

284 views • 27 slides
TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Several of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and

555 views • 27 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
Malware Defense II TDDD17 Information Security, Second Course Alireza Mohammadinodooshan

Malware Defense II TDDD17 Information Security, Second Course Alireza Mohammadinodooshan

Malware Defense II TDDD17 Information Security, Second Course Alireza Mohammadinodooshan Department of Computer and Information Science Linkping University TDDD17 - Malware Defense II 1/31/2020 2 What Has Been Covered Malware

760 views • 50 slides
Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security Statistical Database A statistical database is a database which provides statistics on subsets of records OLAP vs. OLTP Statistics may be

397 views • 37 slides
System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn Department of Computer and Information Science Linkping University System Security 2 Security in computer systems Hardware (System)

838 views • 56 slides
Authorization, Security, and Privacy 5DV119 Introduction to Database Management Ume a

Authorization, Security, and Privacy 5DV119 Introduction to Database Management Ume a

Authorization, Security, and Privacy 5DV119 Introduction to Database Management Ume a University Department of Computing Science Stephen J. Hegner hegner@cs.umu.se http://www.cs.umu.se/~hegner Authorization, Security, and Privacy

537 views • 40 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson Research Security / Lund University 1 2019-03-01 B. Smeets LiTH course Goal of this lecture Understand trusted computing and its purpose Threats

794 views • 66 slides
SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson

SYSTEM SECURITY III: TRUSTED COMPUTING TDDD17 Informationsskerhet Ben Smeets Ericsson Research Security / Lund University 1 2020-02-28 B. Smeets LiTH course Goal of this lecture Understand trusted computing and its purpose Threats

1.42k views • 65 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting Revoking Views Database Systems SQL Insertion Attacks Michael Pound Further Reading The Manga Guide to Databases, Chapter 5 Database

285 views • 7 slides
Secure Sofuware Design For Data Privacy Narudom Roongsiriwong, CISSP MiSSConf(SP5), July 6, 2019

Secure Sofuware Design For Data Privacy Narudom Roongsiriwong, CISSP MiSSConf(SP5), July 6, 2019

Secure Sofuware Design For Data Privacy Narudom Roongsiriwong, CISSP MiSSConf(SP5), July 6, 2019 WhoAmI Lazy Blogger Japan, Security, FOSS, Politjcs, Christjan htup://narudomr.blogspot.com Informatjon Security since 1995 Web

864 views • 41 slides
CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security

CS573 Data Privacy and Security Data Privacy and Security in Healthcare Data Privacy and Security in Healthcare Li Xiong Healthcare security and privacy HIPAA overview Research survey on information security and privacy in healthcare

1.05k views • 57 slides
webinar series NM SMART Grid Center Student Research Spotlight Presenters: Jeewon Choi (UNM),

webinar series NM SMART Grid Center Student Research Spotlight Presenters: Jeewon Choi (UNM),

webinar series NM SMART Grid Center Student Research Spotlight Presenters: Jeewon Choi (UNM), Jacob Marks (New Mexico Tech), Adnan Bashir (UNM), Shubhasmita Pati & Rusty Nail (NMSU) webinar series Next Webinar CURENT NSF/DOE

424 views • 41 slides
Basic Statistics and Probability Theory Based on Foundations of Statistical NLP C. Manning

Basic Statistics and Probability Theory Based on Foundations of Statistical NLP C. Manning

0. Basic Statistics and Probability Theory Based on Foundations of Statistical NLP C. Manning & H. Sch utze, ch. 2, MIT Press, 2002 Probability theory is nothing but common sense reduced to calculation. Pierre Simon,

953 views • 74 slides
Gibbs Sampling Bayesian Networks: A First Attempt with Cilk++ Alexander Dubbs May 13, 2010

Gibbs Sampling Bayesian Networks: A First Attempt with Cilk++ Alexander Dubbs May 13, 2010

Gibbs Sampling Bayesian Networks: A First Attempt with Cilk++ Alexander Dubbs May 13, 2010 Alexander Dubbs Gibbs Sampling Bayesian Networks: A First Attempt with Cilk++ Introduction I Gibbs sample large Bayesian Networks using C and Cilk++,

305 views • 15 slides
Introduction to the Read Paper Young Statisticians Section Mark Girolami Department of

Introduction to the Read Paper Young Statisticians Section Mark Girolami Department of

Introduction to the Read Paper Young Statisticians Section Mark Girolami Department of Statistical Science University College London The Royal Statistical Society Errol Street London October 13, 2010 Riemann manifold Langevin and

1.01k views • 76 slides
Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory

Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory

DataCamp Data Privacy and Anonymization in R DATA PRIVACY AND ANONYMIZATION IN R Laplace Sanitizer Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory DataCamp Data Privacy and Anonymization in R Laplace Sanitizer

335 views • 20 slides
Releasing Search Queries and Clicks Privately Arne Bayer July 24, 2017 Arne Bayer Releasing

Releasing Search Queries and Clicks Privately Arne Bayer July 24, 2017 Arne Bayer Releasing

A new Approach Releasing Data Select-Queries Noisy Counts Results Releasing Search Queries and Clicks Privately Arne Bayer July 24, 2017 Arne Bayer Releasing Search Queries and Clicks Privately A new Approach Releasing Data

989 views • 85 slides
Food Price Heterogeneity and Income Inequality in Malawi: Is Inequality Underestimated? Richard

Food Price Heterogeneity and Income Inequality in Malawi: Is Inequality Underestimated? Richard

Food Price Heterogeneity and Income Inequality in Malawi: Is Inequality Underestimated? Richard Mussa UN-WIDER Development Conference Helsinki, Finland 6 September 2014 Richard Mussa (University of Malawi) Is Inequality Underestimated?

1.58k views • 18 slides
Examples and Implementations [Bayesian approach to Latent Class Models: Definition, Simulation,

Examples and Implementations [Bayesian approach to Latent Class Models: Definition, Simulation,

BIOSTAT 830 GRAPHICAL MODELS Problem Set 4 Case Study: Latent Class Models Note: 1. Due 11:59PM, December 21, 2016. 2. Electronic submission to your instructors email. 3. You are VERY MUCH encouraged to form teams to discuss proofs and

545 views • 3 slides

More recommend