IBM Israel Research Seminars
 
In many organizations, private data should be revealed to some people while being concealed from others. In a hospital database system, for instance, a physician should be allowed to see the medical history of her patients; however, such medical data should not be available to the public. A common approach for protecting privacy is to manipulate sensitive data so that private information would not be revealed (e.g., by changing data values or transforming its structure). But such manipulations can mislead users who are not aware of them and, thus, cause errors.
In my talk, I will present a novel access-control mechanism for XML that protects privacy without misleading users. XML is a primary format for exchanging and publishing data on the Internet, in which data is presented in a hierarchical format. Our model uses the hierarchical nature of XML but also guarantees that private information will not be inferred because of the hierarchy, a challenge that is not required in the relational model. The mechanism employs rules for specifying the private data, and queries are validated with respect to these rules. Only queries that do not reveal private information are authorized and executed. I will talk about the complexity of validating queries, the privacy protection provided by our approach and how to test that a set of rules provides the desired concealment.
No prior knowledge of XML or privacy is required.
This is joint work with Alberto Mendelzon, Renee Miller and Zheng Zhang.
About the Speaker
Yaron Kanza received a Ph.D. in Computer Science (2005) from the Hebrew University of Jerusalem. Previously, he received a B.Sc. in Mathematics and Computer Science, and an M.Sc. in Computer Science (summa cum laude) from the Hebrew University. Since 2005 he has been a post-doctoral fellow in the database group at the University of Toronto. His research interests include database systems and managing data on the World-Wide Web. He has published papers on a variety of topics including querying of XML, XML retrieval, dealing with incomplete information, integrating geographical data, privacy and access control.
 
- Speaker: Yaron Kanza, University of Toronto
- Time: 23/01/2007, 11:00 AM - 12:00 PM
