Abstract
Advances in storage, networks, and hardware technology have resulted in an explosion of data and given rise to multiple sources of overlapping data. This, combined with general apathy towards privacy issues while designing systems and processes, leads to frequent breaches in personal identity and data security. What makes this worse is that many of these breaches are committed by the legitimate users of the data. Major countries like the U.S., Japan, Canada, Australia and EU have come up with strict data distribution laws which demand their organizations to implement proper data security measures that respect personal privacy and prohibit dissemination of raw data outside the country.
Since companies are not able to provide real data, they often resort to completely random data. It is obvious that such a data would offer complete privacy, but would have very low utility. This has serious implications for an IT services company like Tata Consultancy Services Ltd. (TCS), since application development and testing environments rely on realistic test data to verify that the applications provide the functionality and reliability they were designed to deliver. It is always desirable that the test data is similar to, if not the same as, the production data. Hence, deploying proven tools that make de-identifying production data easy, meaningful and cost-effective is essential.
Data masking methods came into existence to permit the legitimate use of data and avoid misuse. In this paper, we consider various such techniques to come up with a comprehensive solution for data privacy requirements. We present a detailed methodology and solutions for enterprise-wide masking. We also present the data masking product MASKETEERTM, developed at TCS, which implements these techniques for providing maximum privacy for data while maintaining good utility.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aggarwal, G., Feder, T., Kenthapadi, K., Khuller, S., Panigrahy, R., Thomas, D., Zhu, A.: Achieving anonymity via clustering. In: Proceedings of the ACM Symposium on Principles of Database Systems, pp. 153–162 (2006)
Aggarwal, G., Feder, T., Kenthapadi, K., Motwani, R., Panigrahy, R., Thomas, D., Zhu, A.: Anonymizing Tables. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 246–258. Springer, Heidelberg (2005)
Agrawal, R., Srikant, R., Thomas, D.: Privacy preserving OLAP. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, pp. 251–262 (2005)
Dwork, C., Nissim, K.: Privacy-preserving Datamining on Vertically Partitioned Databases. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 134–138. Springer, Heidelberg (2004)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game – a completeness theorem for protocols with a honest majority. In: Proceedings of the 1987 Annual ACM Symp. on Theory of Computing, pp. 218–229 (1987)
Goldwasser, S., Micali, S.: Probablistic encryption. Journal of Computer Security 28, 270–299 (1984)
LeFevre, K., DeWitt, D., Ramakrishnan, R.: Incognito: Efficient full-domain k-anonymity. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, pp. 49–60 (2005)
Lodha, S.P., Thomas, D.: Probabilistic Anonymity. In: Bonchi, F., Malin, B., Saygın, Y. (eds.) PInKDD 2007. LNCS, vol. 4890, pp. 56–79. Springer, Heidelberg (2008)
Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: Proceedings of the International Conference on Data Engineering, p. 24 (2006)
Sweeney, L.: k-Anonymity: A model for preserving privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 10(5), 557–570 (2002)
Vaidya, J., Clifton, C.: Privacy preserving association rule mining in vertically partitioned data. In: Proceedings of the 2002 ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 639–644 (2002)
Yao, A.: How to generate and exchange secrets. In: Proceedings of the 1986 Annual IEEE Symposium on Foundations of Computer Science, pp. 162–167 (1986)
Yuhanna, N.: Protecting private data with data masking: Technology can help meet certain compliance and outsourcing requirements. Technical report, Forrester Research (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lodha, S., Patwardhan, N., Roy, A., Sundaram, S., Thomas, D. (2012). Data Privacy Using MASKETEERTM . In: Roychoudhury, A., D’Souza, M. (eds) Theoretical Aspects of Computing – ICTAC 2012. ICTAC 2012. Lecture Notes in Computer Science, vol 7521. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32943-2_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-32943-2_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-32942-5
Online ISBN: 978-3-642-32943-2
eBook Packages: Computer ScienceComputer Science (R0)