Introduction
The concept of a privacy-preserving database management system (PP-DBMS) is a relatively recent one – dating back to the 2000s [1, 8]. Such a system assumes that privacy is a fundamental property of the data in the DBMS and that the database management system automatically and seamlessly adheres to the privacy dictates of the data owners. As a first step, we must understand the notion of privacy.
Privacy Fundamentals
Privacy is a complex and multifaceted topic that is steeped in history and rich with subtleties. The task of understanding the fundamental underpinnings, semantics, and nuisances of the concept of privacy has been underway in the legal profession for many decades. In 1928, US Supreme Court Justice Louis Brandeis stated that privacy was “the right to be left alone” [31]. Brandeis postulated that privacy is one of the “conditions favorable to the pursuit of happiness” [31].
Over the years, other legal scholars have established that privacy is one of the...
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsRecommended Reading
Agrawal R, Kiernan J, Srikant R, Xu Y. Hippocratic databases. In: Proceedings of the 28th International Conference on Very Large Data Bases; 2002.
Agrawal R, Evfimievski A, Srikant R. Information sharing across private databases. In: Proceedings of the ACM SIGMOD International Conference on Management of Data; 2003.
Agrawal R, Bayardo R, Faloutsos C, Kiernan J, Rantzau R, Srikant R. Auditing compliance with a hippocratic database. In: Proceedings of the 30th International Conference on Very Large Data Bases Endowment; 2004. p. 516–27.
Agrawal R, Kiernan J, Srikant R, Xu Y. Order-preserving encryption for numeric data. In: Proceedings of the ACM SIGMOD International Conference on Management of Data; 2004.
Agrawal R, Bird P, Grandison T, Kiernan J, Logan S, Rjaibi W. Extending relational database systems to automatically enforce privacy policies. In: Proceedings of the 21st International Conference on Data Engineering; 2005. p. 1013–22.
Azemović J. Privacy aware eLearning environments based on hippocratic database principles. In: Proceedings of the 5th Balkan Conference in Informatics; 2012. p. 142–9.
Bayardo RJ, Agrawal R. Data privacy through optimal k-anonymization. In: Proceedings of the 21st International Conference on Data Engineering; 2005.
Bertino E, Byun JW, Li N. Privacy-preserving database systems. In: Foundations of security analysis and design III. Berlin/Heidelberg: Springer; 2005. p. 178–206.
Bottcher S, Hartel R, Kirschner M. Detecting suspicious relational database queries. In: Proceedings of the 3rd International Conference on Availability, Reliability and Security; 2008. p. 71–778.
Cheng VS, Hung PC. Towards an integrated privacy framework for HIPAA-compliant web services. In: Proceedings of the 7th IEEE International Conference on E-commerce Technology; 2005. p. 480–3.
Goldberg I. Privacy-enhancing technologies for the Internet, II: five years later. Berlin/Heidelberg: Springer; 2003. p. 1–2.
Grandison T, Johnson C, Kiernan J. Hippocratic databases: current capabilities and future trends. In: Handbook of database security. New York: Springer; 2008. p. 409–29.
Johnson CM, Grandison TWA. Compliance with data protection laws using hippocratic database active enforcement and auditing. IBM Syst J. 2007;46(2):255–64.
Juels A. RFID security and privacy: a research survey. IEEE J Sel Areas Commun. 2006;24(2): 381–94.
Kirchberg M, Link S. Hippocratic databases: extending current transaction processing approaches to satisfy the limited retention principle. In: Proceedings of the 43rd Annual Hawaii International Conference on System Sciences; 2010. p. 1–10.
Laura-Silva Y, Aref WG. Realizing privacy-preserving features in Hippocratic databases. In: Proceedings of the IEEE 23rd International Conference on Data Engineering Workshop; 2007. p. 198–206.
Lee JG, Whang KY, Han W, Song I. Hippocratic XML databases: a model and an access control mechanism. Comput Syst Sci Eng. 2006;21(6)
LeFevre K, Agrawal R, Ercegovac V, Ramakrishnan R, Xu Y, DeWitt D. Limiting disclosure in hippocratic databases. In: Proceedings of the 30th International Conference on Very Large Data Bases Endowment; 2004. p. 108–19.
Massacci F, Mylopoulos J, Zannone N. Hierarchical hippocratic databases with minimal disclosure for virtual organizations. VLDB J. 2006;15(4):370–87.
Mohamed Sidek Z, Abdul Ghani N. Utilizing hippocratic database for personal information privacy protection. Jurnal Teknologi Maklumat. 2008;20(3):54–64.
Mokbel FM. Towards privacy-aware location-based database servers. In: Proceedings of the 22nd International Conference on Data Engineering Workshops; 2006.
OECD. Guidelines on the protection of privacy and transborder flows of personal data. 1980. http://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborde rflowsofpersonaldata.htm. Accessed 27 Aug 2014.
Office of the Privacy Commissioner of Canada. The personal information protection and electronic documents act (PIPEDA). 4 1, 2011. http://laws-lois.justice.gc.ca/PDF/P-8.6.pdf. Accessed 27 Aug 2014.
Padma J, Silva YN, Arshad MU, Aref WG. Hippocratic PostgreSQL. In: Proceedings of the 25th International Conference on Data Engineering; 2009. p. 1555–8.
Rutherford A, Botha R, Olivier M. Towards Hippocratic log files. In: Proceedings of the 4th Annual Information Security South Africa Conference; 2004. p. 1–10.
Solove DJ. Understanding privacy: Harvard University Press; 2010.
Solove DJ. Nothing to hide: the false tradeoff between privacy and security. J Value Inq. 2012;46(1):107–112.
Solove DJ, Schwartz PM. Privacy law fundamentals, Second Edition. Aspen Publishers, 2013.
Such JM, Espinosa A, García-Fornes A. A survey of privacy in multi-agent systems. Knowl Eng Rev. 2014;29(03):314–44.
U.S. Department of Health and Human Services Office for Civil Rights. HIPAA Administrative Simplification. 3 26, 2013. http://www.hhs.gov/ocr/privacy/hipaa/administrative/combined/hipaa-simplification- 201303.pdf. Accessed 27 Aug 2014.
U.S. Supreme Court. Osmalt v. U.S. Government (1928). 1928. Accessed 27 Aug 2014.
Westin AF. Privacy and freedom. New York: Athenum; 1967.
Zhu H, Lü K. Fine-grained access control for database management systems. In: Richard C, Jessie K, editors. Data management. Data, data everywhere. Berlin/Heidelberg: Springer; 2007. p. 215–23.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Section Editor information
Rights and permissions
Copyright information
© 2018 Springer Science+Business Media, LLC, part of Springer Nature
About this entry
Cite this entry
Grandison, T. (2018). Privacy-Preserving DBMSs. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_80753
Download citation
DOI: https://doi.org/10.1007/978-1-4614-8265-9_80753
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-8266-6
Online ISBN: 978-1-4614-8265-9
eBook Packages: Computer ScienceReference Module Computer Science and Engineering