Don’t Reveal My Intension: Protecting User Privacy Using Declarative Preferences during Distributed Query Processing

Abstract: Abstract. In a centralized setting, the declarative nature of SQL is a major strength: a user can simply describe what she wants to retrieve, and need not worry about how the resulting query plan is actually generated and executed. However, in a decentralized setting, two query plans that produce the same result might actually reveal vastly different information about the intensional description of a user's query to the servers participating its evaluation. In cases where a user considers portions of her query… Show more

“…That is, instead of having the querier to retrieve all base relations from remote servers and process the data locally, the querier now delegates sub queries to collaborating parties, which can process the sub queries more efficiently. However, collaborative query execution might disclose sensitive information, such as data tuples [3,14] and query information [4]. To protect information confidentiality, coalition parties create polices to share selected information with others.…”

“…A query Q is considered sensitive information because it contains the intent of the querier [4]. The execution of non-data shipping plans can disclose information of the query to other parties.…”

“…4 The simulator will randomly generate information sharing policies between coalition parties based on probability values ρ DA , ρ Q and ρ M shown in the table. The process of generating those polices is described in Algorithm 3.…”

“…Qiang et al applied pairwise authorizations to enforce horizontal access control of relation data between coalition parties [14]. Farnan et al studied the query information protection problem in distributed database network, and then extended the SQL syntax to enable query privacy constraints for distributed query execution [4].…”

“…Significant effort has been made to protect data confidentiality in mutli-party database networks by enforcing data authorization policies [3,8,9,14]. Previous work has also proposed new query engines that consider query information confidentiality during collaborative query execution [4][5][6].…”

Towards Collaborative Query Planning in Multi-party Database Networks

“…That is, instead of having the querier to retrieve all base relations from remote servers and process the data locally, the querier now delegates sub queries to collaborating parties, which can process the sub queries more efficiently. However, collaborative query execution might disclose sensitive information, such as data tuples [3,14] and query information [4]. To protect information confidentiality, coalition parties create polices to share selected information with others.…”

“…A query Q is considered sensitive information because it contains the intent of the querier [4]. The execution of non-data shipping plans can disclose information of the query to other parties.…”

“…4 The simulator will randomly generate information sharing policies between coalition parties based on probability values ρ DA , ρ Q and ρ M shown in the table. The process of generating those polices is described in Algorithm 3.…”

“…Qiang et al applied pairwise authorizations to enforce horizontal access control of relation data between coalition parties [14]. Farnan et al studied the query information protection problem in distributed database network, and then extended the SQL syntax to enable query privacy constraints for distributed query execution [4].…”

“…Significant effort has been made to protect data confidentiality in mutli-party database networks by enforcing data authorization policies [3,8,9,14]. Previous work has also proposed new query engines that consider query information confidentiality during collaborative query execution [4][5][6].…”

Towards Collaborative Query Planning in Multi-party Database Networks

Data Security and Privacy in the Cloud

Don’t Reveal My Intension: Protecting User Privacy Using Declarative Preferences during Distributed Query Processing