TY - JOUR
T1 - Privacy-preserving OLAP
T2 - An information-theoretic approach
AU - Zhang, Nan
AU - Zhao, Wei
N1 - Funding Information:
The authors would like to thank the anonymous reviewers for their insightful comments. This work was supported in part by the US National Science Foundation under grants 0324988, 0329181, 0721571, 0808419, 0845644, 0852673, 0852674, and 0915834. Any opinion, findings, conclusion, and/or recommendation in this material, either expressed or implied, are those of the authors and do not necessarily reflect the views of the sponsor listed above. The authors would like to thank Ms. Larisa Archer for her editorial help with the paper.
PY - 2011
Y1 - 2011
N2 - We address issues related to the protection of private information in Online Analytical Processing (OLAP) systems, where a major privacy concern is the adversarial inference of private information from OLAP query answers. Most previous work on privacy-preserving OLAP focuses on a single aggregate function and/or addresses only exact disclosure, which eliminates from consideration an important class of privacy breaches where partial information, but not exact values, of private data is disclosed (i.e., partial disclosure). We address privacy protection against both exact and partial disclosure in OLAP systems with mixed aggregate functions. In particular, we propose an information-theoretic inference control approach that supports a combination of common aggregate functions (e.g., COUNT, SUM, MIN, MAX, and MEDIAN) and guarantees the level of privacy disclosure not to exceed thresholds predetermined by the data owners. We demonstrate that our approach is efficient and can be implemented in existing OLAP systems with little modification. It also satisfies the simulatable auditing model and leaks no private information through query rejections. Through performance analysis, we show that compared with previous approaches, our approach provides more effective privacy protection while maintaining a higher level of query-answer availability.
UR - http://www.scopus.com/inward/record.url?scp=78649431051&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78649431051&partnerID=8YFLogxK
U2 - 10.1109/TKDE.2010.25
DO - 10.1109/TKDE.2010.25
M3 - Article
AN - SCOPUS:78649431051
SN - 1041-4347
VL - 23
SP - 122
EP - 138
JO - IEEE Transactions on Knowledge and Data Engineering
JF - IEEE Transactions on Knowledge and Data Engineering
IS - 1
M1 - 5416711
ER -