Relational Database Systems

Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. This has led to increasing interest in using fine-grained access control, where different cells in a relation may be governed by different access control rules. Although several proposals have been made to support fine-grained access control, there currently does not exist a formal notion of correctness regarding the query answering procedure. In this paper, we propose such a formal notion of correctness in fine-grained database access control, and discuss why existing approaches fall short in some circumstances. We then propose a labeling approach for masking unauthorized information and a query evaluation algorithm which better supports fine-grained access control. Finally, we implement our algorithm using query modification and evaluate its performance.

Data privacy issues are increasingly becoming important for many applications. Protective individual privacy is a crucial downside. However, sensitive data will still be ill-used by approved users to compromise the privacy of shoppers. Traditionally, research in the database community in the area of data security can be broadly classified into access control research and data privacy research. Access Control Mechanisms (ACM) is used to ensure that only authorized information is available to users. Privacy Protection Mechanism (PPM) uses suppression and generalization of relational data to anonymize and satisfy privacy needs. The privacy preservation can be achieved through anonymization techniques like generalization or suppression. Along with privacy the precision of the authorized data is important. The aim of the work is to provide better security and minimum level of precision to the retrieved data, for that in this paper an accuracy constrained privacy preserving access control mechanism is implemented with additional constraint on each selection predicate called imprecision bounds. The accuracy constraints are satisfied for multiple roles also. Along with that a workload aware anonymization concept is used for selection predicates. The experimental results shows proposed system with multilevel anonymization works better in terms of precision, privacy for more permissions than current state of art.

Journal of emerging technologies and innovative research, 2017

The paper demonstrate on accuracy constrained privacy-preserving access control mechanism for relation data framework with multilevel anonymization techniques. Access control policy which define selection predicate on sensitive data and privacy requirement deals with anonymity. As privacy protection mechanism (PPM) provides less privacy protection and the data is shared so the user should compromise the with the privacy of data. The goal of the paper is to provide more security to the sensitive data along with minimal level of precision. The concept of accuracy constraints for permissions can be applied to any privacy-preserving security policy. Our goal is to solve problem of K-anonymity algorithm and provide solution by improving l-diversity algorithm.

2012

Individuals are not comfortable when disclosing their personal information to corporate organisations and are becoming increasingly concerned. Decision criteria needed for privacy protection are more complex than those that apply to access control when managing security. A typical problem in this context concerns giving individuals better control over their personal information, while at the same time allowing the organisation to process its transactions on the same personalised information. To address this difficulty, we consider extending the Hippocratic principles and model them in our Hippocratic Privacy Protection (HPP) framework that is based on the concept of privacy contracting. A prototype of the proposed HPP framework was constructed to serve as a proof of concept in order to demonstrate the developed HPP framework as an applicable and efficacious model for solving privacy problems. Based on this prototype, we afford individuals more control over their personal information...

Privacy is the most anticipated aspect in many perspectives, especially with sensitive data, and the database is being targeted incessantly for vulnerability. The proposed model is intended to cherish the database privacy by thwarting Intrusions. Database Static protection and Intrusion Tolerance Subsystem bolster this practice. This paper enunciates Privacy Cherished Database Architecture model and how it achieves security.

International Journal of Advance Research and Innovative Ideas in Education, 2015

In current days of information technology, the assessment of data from existing database that are connected in a network were carried out simply by applying protection to database at the time of access only. Since during access of such data the access or privacy protection will not be there, due to this release and leakage of data can occur in a network. While the Access protection mechanism provides protection to sensitive data and privacy protection mechanism avoid the assessment of data by unauthorized users. Here the introductory and literature survey has presented which help further to design efficient system by considering all terms and circumstances. Keyword: - Relational Database, Accessing Methods, Privacy Preserving Techniques

… of the fifth Australasian symposium on …, 2007

To date, research has focussed on privacy from a wide perspective, enabling organisations to implement various technologies that contribute to privacy protection. However, in such approaches the perspective of the data subject is often obscured in favour of meeting technical design requirements. The privacy architecture proposed in this paper is premised upon a view of privacy as unique to each individual person, changing over time and maintained through the control of personal data. This conceptualisation of privacy is evidenced by the research literature as well as various legislation. This paper establishes a requirement for a Privacy-Enhancing Technology for operational databases through a consideration of the state of practice and the relevant literature. An architecture for such a technology, which acknowledges and supports this understanding of privacy and which is based upon the Use and Disclosure Principle of the Australian privacy regulation framework, is then proposed. The architecture extends its privacy protection capabilities from primary to secondary data processing applications . .

Privacy is becoming a major issue of social, ethical and legal concern on the Internet. The development of information technology and the Internet has major implications for the privacy of individuals. Studies of private or personal information have related it to such concepts as identifiably, secrecy, anonymity, control, etc. Few studies have examined the basic features of this type of information. Also, database models (e.g., 'Hippocratic' [AKX02] database) for this type of information have been proposed. This paper studies the nature of private information and develops a new conceptual model for databases that contain exclusively private information. The model utilizes the theory of infons to define “private infons”, and develops taxonomy of these private infons based on the notions of proprietary and possession. The proposed model also specifies different privacy rules and principles, derives their enforcement, and develops and tests architecture for this type of databases.

Now in organizations or companies maximum information or data available and that data are related to tabular form means relational database. Sometimes organization wanted to distribute that particular information or data in within organization or other organization in daily basis. Here the thing is that the organization faces the some kind of problems of security related because they distributed that information for its purposes and here sometimes organization wanted that particular information will be modified or upgraded, Now they can used numbers of methods or technics for encryption and electronic signatures for given a security and protection of that particular data in during transmission network. In that protection of that protection used various different mechanisms and strong methods for accessing that specific that particular data or information. It is very well known that current or today the proper data must take as access control polices. Also some kind of methods for CIA towards database system must be adopted.