Access
control mechanisms protect sensitive information from unauthorized users.
However, when sensitive information is shared and a Privacy Protection
Mechanism (PPM) is not in place, an authorized user can still compromise the
privacy of a person leading to identity disclosure. A PPM can use suppression
and generalization of relational data to anonymize and satisfy privacy
requirements, e.g., $k$-anonymity and $l$-diversity, against identity
and attribute disclosure. However, privacy is achieved at the cost of precision
of authorized information. In this paper, we propose an accuracy-constrained privacy-preserving
access control framework. The access control policies define selection
predicates available to roles while the privacy requirement is to satisfy
the $k$ -anonymity or $l$ -diversity. An additional
constraint that needs to be satisfied by the PPM is the imprecision bound for
each selection predicate. The techniques for workload-aware Anonymization for
selection predicates have been discussed in the literature. However, to the
best of our knowledge, the problem of satisfying the accuracy constraints for
multiple roles has not been studied before. In our formulation of the
aforementioned problem, we propose heuristics for Anonymization algorithms and
show empirically that the proposed approach satisfies imprecision bounds for
more permissions and has lower total imprecision than the current state of the
art.
No comments:
Post a Comment