A Survey of Query Auditing Techniques for Data Privacy

Nabar, Shubha U.; Kenthapadi, Krishnaram; Mishra, Nina; Motwani, Rajeev

doi:10.1007/978-0-387-70992-5_17

Cited by 21 publications

(9 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Prior work on querying private data has investigated two techniques: auditing and perturbation. Query auditing, in which queries are denied if the answers may lead to privacy breaches, has proven to be computationally hard and surprisingly subtle (because even a denial can lead to a privacy breach) [24]. Perturbation injects random noise into the query answers, creating uncertainty about the state of the underlying database.…”

Section: Answering Network Queries Privatelymentioning

confidence: 99%

Privacy-aware data management in information networks

Hay

Liu

Miklau

et al. 2011

Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data

View full text Add to dashboard Cite

Section: Answering Network Queries Privatelymentioning

confidence: 99%

Privacy-aware data management in information networks

Hay

Liu

Miklau

et al. 2011

Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data

View full text Add to dashboard Cite

“…The above query auditing techniques have several problems. First and foremost, refusing to answer a query itself can leak information about the underlying dataset (i.e., D) [44]. This would not be the case if refusal was independent of the underlying dataset (e.g., auditing is carried out without accessing the true answers c).…”

Section: Syntactic Anonymizationmentioning

confidence: 99%

Privacy-Preserving Release of Spatio-Temporal Density

Ács

Biczók

Castelluccia

2018

Handbook of Mobile Data Privacy

View full text Add to dashboard Cite

In today's digital society, increasing amounts of contextually rich spatiotemporal information are collected and used, e.g., for knowledge-based decision making, research purposes, optimizing operational phases of city management, planning infrastructure networks, or developing timetables for public transportation with an increasingly autonomous vehicle fleet. At the same time, however, publishing or sharing spatio-temporal data, even in aggregated form, is not always viable owing to the danger of violating individuals' privacy, along with the related legal and ethical repercussions. In this chapter, we review some fundamental approaches for anonymizing and releasing spatio-temporal density, i.e., the number of individuals visiting a given set of locations as a function of time. These approaches follow different privacy models providing different privacy guarantees as well as accuracy of the released anonymized data. We demonstrate some sanitization (anonymization) techniques with provable privacy guarantees by releasing the spatio-temporal density of Paris, in France. We conclude that, in order to achieve meaningful accuracy, the sanitization process has to be carefully customized to the application and public characteristics of the spatio-temporal data.

show abstract

“…Query and Result Filtering To complement access control and enable more flexible policies, the database community has invested significant research e↵ort in developing query auditing and result filtering systems [25]. Auditing provides two significant improvements over methods purely based on access control: First, auditing allows for flexible, detailed, and context-sensitive policies, as decisions can be based on arbitrary processing of query text, rather than a model based on rows, columns, and user roles.…”

Section: Traditional Approaches To Privacy In Databasesmentioning

confidence: 99%