A Privacy Preserving Service Broker Architecture for Data Sharing

  • Fahed Al-Neyadi
  • Jemal Abawajy
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6485)


The problem addressed in this paper is how to address data privacy concerns when data is shared between multiple organisations. In domains such as healthcare, there is a need to share privacy-sensitive data among autonomous but cooperating organisations. However, security concerns and compliance with privacy regulations that require confidentiality of the data make unrestricted access to organisational data by others undesirable. The challenge is how to guarantee privacy preservation for the owners of the information who are willing to share some information with other organisations while keeping other information secret. Therefore, there is a need for privacy-preserving database operations for querying data residing at different parties. To address this challenge, we propose a new computationally efficient framework that enables organisations to share privacy-sensitive data. The proposed framework is able to answer queries without revealing any useful information to the data sources or to the third parties.


Keywords: Privacy Preservation, Data Sharing, Data Management, Privacy, Healthcare data, Database





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Fahed Al-Neyadi (1)
  • Jemal Abawajy (1)
  1. School of Information Technology, Deakin University, Australia
