Privacy preserving database external layer construction algorithm via secure decomposition for attribute-based security policies


Tezin Türü: Doktora

Tezin Yürütüldüğü Kurum: Orta Doğu Teknik Üniversitesi, Mühendislik Fakültesi, Bilgisayar Mühendisliği Bölümü, Türkiye

Tezin Onay Tarihi: 2018

Öğrenci: UĞUR TURAN

Danışman: İSMAİL HAKKI TOROSLU

Özet:

Relational DBMS’scontinue to dominate th emarket an dinference problem on external schema has preserved its importance in terms of data privacy. Especially for the last 10 years, external schema construction for application-specific database usage has increased its independency from the conceptual schema, as the definitions and implementations of views and procedures have been optimized. After defining all mathematical background, this work offers an optimized decomposition strategy for the external schema, which concentrates on the privacy policy and required associations of attributes for the intended user role. The method given in this article performs a proactive decomposition for the external schema, which satisfies the inhibited and required associations of attributes. The idea is represented by using graph theory(using attribute-sets as vertices and dependencies as edges)and we redefine the problem of inference like a shared root tree finding process in between related attributes,using complete schema functional dependency graph. The optimization of decomposition aims to result in an external schema, which prevents inference of inhibited attribute sets and satisfies association of required attribute sets with minimal loss of association between other attributes. Our technique is purely proactive like a normalization stage and owing to the usage independency of external schema construction tools, it can be easily applied to any ongoing systems without rewriting data access layer of applications. Our extensive experimental analysis shows the usage of this optimized proactive strategy offers applicable timing costs, even being proactive, for a wide portion of logical schema volumes. Additionally, we shared a real-life case study to emphasize the importance of using this strategy for privacy policy preservation during external schema definition and the observed benefits after getting this technique in production.