Query and access control over encrypted databases

Zhang, Ye, 张叶

January 2010

published_or_final_version / Computer Science / Master / Master of Philosophy

Database security.

Security and computability in database applications

Wong, Wai-kit, 王偉傑

January 2011

published_or_final_version / Computer Science / Doctoral / Doctor of Philosophy

Database security.

Information security with special reference to database interconnectivity.

Coetzee, Marijke

29 May 2008

Information can be considered a company’s most valued asset and should be protected as such. In the past, companies allowed very limited access to corporate information. Today, the rapid growth of the Internet increases the importance of connecting to existing databases. Access to such web-enabled databases, containing sensitive information such as credit card numbers must be made available only to those who need it. The security of web-enabled databases is challenged, as huge user populations access corporate information, past traditional perimeters. Providing a secure web-enabled database environment is not as simple as creating a few dynamic pages linked to a secured database. As a web-enabled database is very sophisticated, consisting of various applications in front of the database, it is vulnerable to attack. Furthermore, since most malicious intrusions occur from inside, defences such as firewalls, intrusion detection and virus scanning provide limited protection. The principle aim of this study was to consider security services and mechanisms that would provide protection to web-enabled databases. As database security has been a well-researched topic ever since the first databases were used, it was decided to investigate whether traditional database security could possibly provide a basic framework to be used when approaching the security of web-enabled databases. An investigation was made into nine current state database security services and their associated mechanisms. Additional services and mechanisms were identified, that could provide protection in the new environment. The integrated service provided by web-enabled databases was contrasted to the service provided by current state database security. A model was developed that illustrated how these services and mechanisms could be applied to create a secure web-enabled database. The study was brought to an end with a conclusion on the security that can be attained by web-enabled databases. Further problem areas, which could be researched in the future, were touched upon briefly. / Prof. J.H.P. Eloff

web database security measures

database security

Privacy preserving data publishing: an expected gain model with negative association immunity. / CUHK electronic theses & dissertations collection

January 2012

隱私保護是許多應用(特別是和人們有關的)要面對的重要問題。在隱私保護數據發布之研究中，我們探討如何在個人隱私不會被侵犯之情況下發布一個包含個人資料之數據庫，而此數據庫仍包含有用的信息以供研究或其他數據分析之用。 / 本論文著重於隱私保護數據發布之隱私模型及算法。我們首先提出一個預期收益模型，以確認發布一個數據庫會否侵犯個人隱私。預期收益模型符合我們在本論文中提出的六個關於量化私人信息之公理，而第六條公理還會以社會心理學之角度考慮人為因素。而且，這模型考慮敵意信息收集人在發布數據庫之中所得到的好處。所以這模型切實反映出敵意信息收集人利用這些好處而獲得利益，而其他隱私模型並沒有考慮這點。然後，我們還提出了一個算法來生成符合預期收益模型之發布數據庫。我們亦進行了一些包含現實數據庫之實驗來表示出這算法是現實可行的。在那之後，我們提出了一個敏感值抑制算法，使發布數據庫能對負向關聯免疫，而負向關聯是前景/背景知識攻擊之一種。我們亦進行了一些實驗來表示出我們只需要抑制平均數個百份比之敏感值就可以令一個發佈數據庫對負向關聯免疫。最後，我們探討在分散環境之下之隱私保護數據發布，這代表有兩個或以上的數據庫持有人分別生成不同但有關之發布數據庫。我們提出一個在分散環境下可用的相異L多樣性的隱私模型和一個算法來生成符合此模型之發布數據庫。我們亦進行了一些實驗來表示出這算法是現實可行的。 / Privacy preserving is an important issue in many applications, especially for the applications that involve human. In privacy preserving data publishing (PPDP), we study how to publish a database, which contains data records of some individuals, so that the privacy of the individuals is preserved while the published database still contains useful information for research or data analysis. / This thesis focuses on privacy models and algorithms in PPDP. We first propose an expected gain model to define whether privacy is preserved for publishing a database. The expected gain model satisfies the six axioms in quantifying private information proposed in this thesis, where the sixth axiom considers human factors in the view of social psychology. In addition, it considers the amount of advantage gained by an adversary by exploiting the private information deduced from a published database. Hence, the model reflects the reality that the adversary uses such an advantage to earn a profit, which is not conisidered by other existing privacy models. Then, we propose an algorithm to generate published databases that satisfy the expected gain model. Experiments on real datasets are conducted to show that the proposed algorithm is feasible to real applications. After that, we propose a value suppression framework to make the published databases immune to negative association, which is a kind of background / foreground knowledge attacks. Experiments are conducted to show that negative association immunity can be achieved by suppressing only a few percent of sensitive values on average. Finally, we investigate PPDP in a non-centralized environment, in which two or more data holders generate their own different but related published databases. We propose a non-centralized distinct l-diversity requirement as the privacy model and an algorithm to generate published databases for this requirement. Experiments are conducted to show that the proposed algorithm is feasible to real applications. / Detailed summary in vernacular field only. / Detailed summary in vernacular field only. / Cheong, Chi Hong. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2012. / Includes bibliographical references (leaves 186-193). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstract also in Chinese. / Abstract --- p.i / Acknowledgement --- p.iv / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Background --- p.1 / Chapter 1.2 --- Thesis Contributions and Organization --- p.2 / Chapter 1.3 --- Other Related Areas --- p.5 / Chapter 1.3.1 --- Privacy Preserving Data Mining --- p.5 / Chapter 1.3.2 --- Partition-Based Approach vs. Differential Privacy Approach --- p.5 / Chapter 2 --- Expected Gain Model --- p.7 / Chapter 2.1 --- Introduction --- p.8 / Chapter 2.1.1 --- Background and Motivation --- p.8 / Chapter 2.1.2 --- Contributions --- p.11 / Chapter 2.2 --- Table Models --- p.12 / Chapter 2.2.1 --- Private Table --- p.12 / Chapter 2.2.2 --- Published Table --- p.13 / Chapter 2.3 --- Private Information Model --- p.14 / Chapter 2.3.1 --- Proposition --- p.14 / Chapter 2.3.2 --- Private Information and Private Probability --- p.15 / Chapter 2.3.3 --- Public Information and Public Probability --- p.18 / Chapter 2.3.4 --- Axioms in Quantifying Private Information --- p.20 / Chapter 2.4 --- Quantifying Private Information --- p.34 / Chapter 2.4.1 --- Expected Gain of a Fair Guessing Game --- p.34 / Chapter 2.4.2 --- Analysis --- p.41 / Chapter 2.5 --- Tuning the Importance of Opposite Information --- p.48 / Chapter 2.6 --- Conclusions --- p.53 / Chapter 3 --- Generalized Expected Gain Model --- p.56 / Chapter 3.1 --- Introduction --- p.58 / Chapter 3.2 --- Table Models --- p.60 / Chapter 3.2.1 --- Private Table --- p.62 / Chapter 3.2.2 --- Published Table --- p.62 / Chapter 3.3 --- Expected Gain Model --- p.63 / Chapter 3.3.1 --- Random Variable and Probability Distribution --- p.64 / Chapter 3.3.2 --- Public Information --- p.64 / Chapter 3.3.3 --- Private Information --- p.65 / Chapter 3.3.4 --- Expected Gain Model --- p.66 / Chapter 3.4 --- Generalization Algorithm --- p.75 / Chapter 3.4.1 --- Generalization Property and Subset Property --- p.75 / Chapter 3.4.2 --- Modified Version of Incognito --- p.78 / Chapter 3.5 --- Related Work --- p.80 / Chapter 3.5.1 --- k-Anonymity --- p.80 / Chapter 3.5.2 --- l-Diversity --- p.81 / Chapter 3.5.3 --- Confidence Bounding --- p.83 / Chapter 3.5.4 --- t-Closeness --- p.84 / Chapter 3.6 --- Experiments --- p.85 / Chapter 3.6.1 --- Experiment Set 1: Average/Max/Min Expected Gain --- p.85 / Chapter 3.6.2 --- Experiment Set 2: Expected Gain Distribution --- p.90 / Chapter 3.6.3 --- Experiment Set 3: Modified Version of Incognito --- p.95 / Chapter 3.7 --- Conclusions --- p.99 / Chapter 4 --- Negative Association Immunity --- p.100 / Chapter 4.1 --- Introduction --- p.100 / Chapter 4.2 --- Related Work --- p.104 / Chapter 4.3 --- Negative Association Immunity and Value Suppression --- p.107 / Chapter 4.3.1 --- Negative Association --- p.108 / Chapter 4.3.2 --- Negative Association Immunity --- p.111 / Chapter 4.3.3 --- Achieving Negative Association Immunity by Value Suppression --- p.114 / Chapter 4.4 --- Local Search Algorithm --- p.123 / Chapter 4.5 --- Experiments --- p.125 / Chapter 4.5.1 --- Settings --- p.125 / Chapter 4.5.2 --- Results and Discussions --- p.128 / Chapter 4.6 --- Conclusions --- p.129 / Chapter 5 --- Non-Centralized Distinct l-Diversity --- p.130 / Chapter 5.1 --- Introduction --- p.130 / Chapter 5.2 --- Related Work --- p.138 / Chapter 5.3 --- Table Models --- p.140 / Chapter 5.3.1 --- Private Tables --- p.140 / Chapter 5.3.2 --- Published Tables --- p.141 / Chapter 5.4 --- Private Information Deduced from Multiple Published Tables --- p.143 / Chapter 5.4.1 --- Private Information Deduced by Simple Counting on Each Published Tables --- p.143 / Chapter 5.4.2 --- Private Information Deduced from Multiple Published Tables --- p.145 / Chapter 5.4.3 --- Probabilistic Table --- p.156 / Chapter 5.5 --- Non-Centralized Distinct l-Diversity and Algorithm --- p.158 / Chapter 5.5.1 --- Non-centralized Distinct l-diversity --- p.159 / Chapter 5.5.2 --- Algorithm --- p.165 / Chapter 5.5.3 --- Theorems --- p.171 / Chapter 5.6 --- Experiments --- p.174 / Chapter 5.6.1 --- Settings --- p.174 / Chapter 5.6.2 --- Metrics --- p.176 / Chapter 5.6.3 --- Results and Discussions --- p.179 / Chapter 5.7 --- Conclusions --- p.181 / Chapter 6 --- Conclusions --- p.183 / Bibliography --- p.186

Data protection

Database security

A study on privacy-preserving clustering

Cui, Yingjie.

January 2009

Thesis (M. Phil.)--University of Hong Kong, 2010. / Includes bibliographical references (leaves 87-90). Also available in print.

Database security. Cluster analysis

Technical solutions for conducting investigations in digital age

Ho, Sze-lok., 何思樂.

January 2012

Confidentiality has always been a concern in secret operation. In this thesis, we consider the situation of legitimate data request and transfer between investigator and database owner who provides intelligence, where the identity of the investigation subject and the records in the database are both confidential. Current practice of secret investigation solely relies on the integrity and carefulness of the involved individuals to resist data leakage, but regulations, policy, agreement, such human means cannot give a promising solution, thus a technical means is needed. As appropriate solution for this confidential data request and transfer problem cannot be found from related research, our goal is to offer a means that can help keeping the investigation secret and protecting irrelevant data at the same time. We present a technical solution for preserving two-way confidentiality between the investigator (legitimate data requester) and the database owner (legitimate data holder), which can accommodate the concerns of both sides during the specific information request and transfer. Two schemes, Sender-Based Scheme and Receiver-Based Scheme, have been proposed to solve the problem under different conditions, and illustration of executing our schemes is given through an example situation “Investigator and Private hospital” which is an ordinary scenario during investigation. Furthermore, a practical cost reduction methodology on the schemes and sensible proposals for extensions are suggested and discussed. The direction of future work is also considered. / published_or_final_version / Computer Science / Master / Master of Philosophy

Computer security.

Database security.

Die afdwinging van sekerheid en integriteit in 'n relasionele databasisomgewing

Kennedy, Renita

30 September 2014

M.Com. (Informatics) / Please refer to full text to view abstract

Database security

Computer security

Rolprofiele vir die bestuur van inligtingsekerheid

Van der Merwe, Isak Pieter

15 September 2014

M.Com. (Informatics) / The aim of this study is to introduce a model that can be used to manage the security profiles by using a role oriented approach. In chapter 1 the addressed problem and the aim of the study, are introduced. In chapter 2 the different approaches used in the management of security profiles and the security profiles in Computer Associates's TOP SECRET and IBM's RACF, are discussed, In chapter 3 the Model for Role Profiles (MoRP) is introduced and discussed. Chapter 4 consists of a consideration of the possible problems of MoRP and an extension of MoRP is discussed.' The extended model is called ExMoRP. Chapter 5 consists of an analysis of the Path Context Model (pCM) for security and the principles of the PCM are added to ExMoRP to enhance security. In chapter 6 ExMoRP, with the principles of the PCM, are applied on a case study: In chapter 7 a methodology for the implementation of ExMoRP in an environment, is introduced. In chapter 8 it is shown how the principles of ExMoRP can be applied in UNIX, In chapter 9 it is shown how the principles of ExMoRP can be applied in Windows NT. In chapter 10 it is shown how the principles of ExMoRP can be applied in ORACLE. Chapter 11 consists of a review of the management of security and the present trends.

Database security

Computer security

A study on privacy-preserving clustering

Cui, Yingjie., 崔英杰.

January 2009

published_or_final_version / Computer Science / Master / Master of Philosophy

Database security.

Cluster analysis - Data processing.

Privacy preserving data publishing. / CUHK electronic theses & dissertations collection

January 2008

The advance of information technologies has enabled various organizations (e.g., census agencies, hospitals) to collect large volumes of sensitive personal data (e.g., census data, medical records). Due to the great research value of such data, it is often released for public benefit purposes, which, however, poses a risk to individual privacy. A typical solution to this problem is to anonymize the data before releasing it to the public. In particular, the anonymization should be conducted in a careful manner, such that the published data not only prevents an adversary from inferring sensitive information, but also remains useful for data analysis. / This thesis prevents an extensive study on the anonymization techniques for privacy preserving data publishing. We explore various aspects of the problem (e.g., definitions of privacy, modeling of the adversary, methodologies of anonymization), and devise novel solutions that address several important issues overlooked by previous work. Experiments with real-world data confirm the effectiveness and efficiency of our techniques. / Xiao, Xiaokui. / Adviser: Yufei Yao. / Source: Dissertation Abstracts International, Volume: 70-06, Section: B, page: 3618. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2008. / Includes bibliographical references (leaves 307-314). / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307.

Data mining

Data protection

Database security