Abstract
Risk-aware access control systems grant or deny access to resources based on some notion of risk. In this paper we propose a model that considers the risk of leaking privacy-critical information when querying, e.g., datasets containing personal information. While querying databases containing personal information it is current practice to assign all-or-nothing access to avoid the disclosure of sensitive information. Using our model, access-control decisions are based on the disclosure-risk associated with a data access request and, differently from existing models, we include adaptive anonymization operations as risk-mitigation methods. By applying these operations, a request that would otherwise be rejected, is permitted after reducing the risk associated with the returned dataset.
This work has been partly supported by the EU under grant 317387 SECENTIS (FP7-PEOPLE-2012-ITN).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
HIPAA: Health Insurance Portability and Accountability Act.
- 2.
In real surveys single records are actually never shown, but just percentages, in this example it would be something like \(10\,\%\) answered \(1\), \(25\,\%\) answered \(2\), etc. Since the number of respondents is known, in practice, for one question, this equivalent of getting the data with no identifiers.
- 3.
In real cases they are typically user IDs.
- 4.
In real surveys the result will appear as a report like: \(37.5\,\%\) answered \(5\), \(37.5\,\%\) answered \(4\) and \(25\,\%\) answered \(3\). For a single question this is equivalent to the view in Table 1(b).
References
Baracaldo, M., Joshi, J.: A trust-and-risk aware rbac framework: tackling insider threat. In: Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, SACMAT 2012, pp. 167–176, ACM, New York (2012)
Bettini, C., Jajodia, S., Sean Wang, X., Wijesekera, D.: Provisions and obligations in policy management and security applications. In: Proceedings of the 28th International Conference on Very Large Data Bases, VLDB 2002, pp. 502–513. VLDB Endowment (2002)
Bezzi, M.: An information theoretic approach for privacy metrics. Trans. Data Priv. 3(3), 199–215 (2010)
Chen, L., Crampton, J.: Risk-aware role-based access control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 140–156. Springer, Heidelberg (2012)
Chen, L., Crampton, J., Kollingbaum, M.J., Norman, T.J.: Obligations in risk-aware access control. In: Cuppens-Boulahia, N., Fong, P., García-Alfaro, J., Marsh, S., Steghöfer, J.-P. (eds.) PST, pp. 145–152. IEEE (2012)
Cheng, P.-C., Rohatgi, P., Keser, C., Karger, P.A., Wagner, G.M., Reninger, A.S.: Fuzzy multi-level security: an experiment on quantified risk-adaptive access control. In: IEEE Symposium on Security and Privacy, pp. 222–230. IEEE Computer Society (2007)
Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Samarati, P.: Theory of privacy and anonymity. In: Atallah, M., Blanton, M. (eds.) Algorithms and Theory of Computation Handbook, 2nd edn. CRC Press (2009)
Clifton, C., Tassa, T.: On syntactic anonymity and differential privacy. Trans. Data Priv. 6(2), 161–183 (2013)
Dalenius, T.: Finding a needle in a haystack-or identifying anonymous census record. J. Official Stat. 2(3), 329–336 (1986)
Dickens, L., Russo, A., Cheng, P.-C., Lobo, J.: Towards learning risk estimation functions for access control. In: Snowbird Learning Workshop (2010)
Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: IEEE 23rd International Conference on Data Engineering, ICDE 2007, pp. 106–115 (April 2007)
Timothy, J., Chen, N.L., Gasparini, L.: XACML and risk-aware access control, Technical report (2013)
Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: ICDE 2006: Proceedings of the 22nd International Conference on Data Engineering (ICDE 2006), p. 24. IEEE Computer Society, Washington, DC (2006)
Martino, L.D., Ni, Q., Lin, D., Bertino, E.: Multi-domain and privacy-aware role based access control in ehealth. In: Second International Conference on Pervasive Computing Technologies for Healthcare, PervasiveHealth 2008, pp. 131–134 (January 2008)
Molloy, I., Dickens, L., Morisset, C., Cheng, P.-C., Lobo, J., Russo, A.: Risk-based security decisions under uncertainty. In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy, CODASPY 2012, pp. 157–168, New York (2012)
Ni, Q., Trombetta, A., Bertino, E., Lobo, J.: Privacy-aware role based access control. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, SACMAT 2007, pp. 41–50. ACM, New York (2007)
IDC Report. Worldwide big data technology and services 2012–2015 forecast. IDC Report (2012)
Samarati, P.: Protecting respondents’ identities in microdata release. IEEE Trans. Knowl. Data Eng. 13(6), 1010–1027 (2001)
Shaikh, R.A., Adi, K., Logrippo, L.: Dynamic risk-based decision methods for access control systems. Comput. Secur. 31, 447–464 (2012)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Armando, A., Bezzi, M., Metoui, N., Sabetta, A. (2015). Risk-Aware Information Disclosure. In: Garcia-Alfaro, J., et al. Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance. DPM QASA SETOP 2014 2014 2014. Lecture Notes in Computer Science(), vol 8872. Springer, Cham. https://doi.org/10.1007/978-3-319-17016-9_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-17016-9_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17015-2
Online ISBN: 978-3-319-17016-9
eBook Packages: Computer ScienceComputer Science (R0)