Article

Automaton segmentation: a new approach to preserve privacy in xml information brokering

Authors:

Chao-Hsien ChuAuthors Info & Claims

CCS '07: Proceedings of the 14th ACM conference on Computer and communications security

Pages 508 - 518

https://doi.org/10.1145/1315245.1315308

Published: 28 October 2007 Publication History

Abstract

A Distributed Information Brokering System (DIBS) is a peer-to-peer overlay network that comprises diverse data servers and brokering components helping client queries locate the data server(s). Many existing information brokering systems adopt server side access control deployment and honest assumptions on brokers. However, little attention has been drawn on privacy of data and metadata stored and exchanged within DIBS. In this paper, we address privacy-preserving information sharing via on-demand information access. We propose a flexible and scalable system using a broker-coordinator overlay network. Through an innovative automaton segmentation scheme, distributed access control enforcement, and query segment encryption, our system integrates security enforcement and query forwarding while preserving system-wide privacy. We present the automaton segmentation approach, analyze privacy preservation in details, and finally examine the end-to-end performance and scalability through experiments and analysis.

References

[1]

Internet traffic report. http://www.internettrafficreport.com.

[2]

R. Agrawal, A. V. Evfimievski, and R. Srikant. Information sharing across private databases. In SIGMOD, pages 86--97, 2003.

Digital Library

[3]

A. Carzaniga, M. J. Rutherford, and A. L. Wolf. A routing scheme for content-based networking. In Proc. of INFOCOM, 2004.

[4]

S. Cho, S. Amer-Yahia, L. V. S. Lakshmanan, and D. Srivastava. Optimizing the secure evaluation of twig queries. In VLDB, pages 490--501, China, 2002.

Digital Library

[5]

E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Secur., 5(2):169--202, 2002.

Digital Library

[6]

Y. Diao, S. Rizvi, and M. J. Franklin. Towards an Internet-scale XML dissemination service. In VLDB, Toronto, 2004.

Digital Library

[7]

M. Genesereth, A. Keller, and O. Duschka. Informaster: An information integration system. In SIGMOD, Tucson, 1997.

Digital Library

[8]

R. Huebsch, B. Chun, J. Hellerstein, B. Loo, P. Maniatis, T. Roscoe, S. Shenker, I. Stoica, and A. Yumerefendi. The architecture of pier: an internet-scale query processor. In CIDR, pages 28--43, 2005.

[9]

J. Kang and J. F. Naughton. On schema matching with opaque column names and data values. In SIGMOD, pages 205--216, 2003.

Digital Library

[10]

G. Koloniari and E. Pitoura. Content-based routing of path queries in peer-to-peer systems. In EDBT, 2004.

[11]

G. Koloniari and E. Pitoura. Peer-to-peer management of xml data: issues and research challenges. SIGMOD Rec., 34(2):6--17, 2005.

Digital Library

[12]

N. Koudas, M. Rabinovich, D. Srivastava, and T. Yu. Routing xml queries. In IEEE ICDE, page 844, 2004.

Digital Library

[13]

F. Li, B. Luo, P. Liu, D. Lee, P. Mitra, W. Lee, and C. Chu. In-broker access control: Towards efficient end-to-end performance of information brokerage systems. In Proc. IEEE SUTC, 2006.

Digital Library

[14]

H. Lu, J. X. Yu, G. Wang, S. Zheng, H. Jiang, G. Yu, and A. Zhou. What makes the differences: benchmarking xml database implementations. ACM Trans. Inter. Tech., 5(1):154--194, 2005.

Digital Library

[15]

B. Luo, D. Lee, W.-C. Lee, and P. Liu. QFilter: Fine-grained run-time XML access control via NFA-based query rewriting. In ACM CIKM, Washington D.C., USA, Nov 2004.

Digital Library

[16]

I. Manolescu, D. Florescu, and D. Kossmann. Answering xml queries on heterogeneous data sources. In VLDB, pages 241--250, 2001.

Digital Library

[17]

M. Murata, A. Tozawa, and M. Kudo. XML access control using static analysis. In ACM CCS, Washington D.C., 2003.

Digital Library

[18]

S. Park, A. Khrabrov, D. M. Pennock, S. Lawrence, C. L. Giles, and L. H. Ungar. Static and dynamic analysis of the internet's susceptibility to faults and attacks. In IEEE Infocom, 2003.

[19]

M. K. Reiter and A. D. Rubin. Crowds: anonymity for Web transactions. ACM Transactions on Information and System Security, 1(1):66--92, 1998.

Digital Library

[20]

S. Rizvi, A. Mendelzon, S. Sudarshan, and P. Roy. Extending query rewriting techniques for fine-grained access control. In SIGMOD, pages 551--562, Paris, France, 2004.

Digital Library

[21]

O. Sahin, A. Gupta, D. Agrawal, and A. E. Abbadi. A peer-to-peer framework for caching range queries. In Proc. of the 20th Int. Conf. on Data Engineering, 2004.

Digital Library

[22]

R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, 1996.

Digital Library

[23]

A. R. Schmidt, F. Waas, M. L. Kersten, D. Florescu, I. Manolescu, M. J. Carey, and R. Busse. "The XML Benchmark Project". Technical Report INS-R0103, CWI, April 2001.

Digital Library

[24]

A. C. Snoeren, K. Conley, and D. K. Gifford. Mesh-based content routing using XML. In Symposium on Operating Systems Principles, pages 160--173, 2001.

Digital Library

[25]

I. Stoica, R. Morris, D. Liben-Nowell, D. Karger, M. Kaashoek, F. Dabek, and H. Balakrishnan. Chord: A scalable peer-to-peer lookup protocol for internet applications. In IEEE/ACM Trans. Networking, volume 11 of 1, 2003.

Digital Library

[26]

A. Sugiura and O. Etzioni. Query Routing for Web Search Engines: Architecture and Experiments. Computer Networks, 33(1), 2000.

Digital Library

[27]

P. F. Syverson, D. M. Goldschlag, and M. G. Reed. Anonymous connections and onion routing. In IEEE Symposium on Security and Privacy, pages 44--54, Oakland, California, 1997.

Digital Library

[28]

W. Tolone, G.-J. Ahn, T. Pai, and S.-P. Hong. Access control in collaborative systems. ACM Comput. Surv., 37(1), 2005.

Digital Library

[29]

T. Yu, D. Srivastava, L. V. S. Lakshmanan, and H. V. Jagadish. Compressed accessibility map: Efficient access control for XML. In VLDB, pages 478--489, China, 2002.

Digital Library

Cited By

Barati MTheodorakopoulos GRana O(2020)Automating GDPR Compliance Verification for Cloud-hosted Services2020 International Symposium on Networks, Computers and Communications (ISNCC)10.1109/ISNCC49221.2020.9297309(1-6)Online publication date: 20-Oct-2020
https://doi.org/10.1109/ISNCC49221.2020.9297309
Lee DYu T(2018)XML Access ControlEncyclopedia of Database Systems10.1007/978-1-4614-8265-9_790(4735-4738)Online publication date: 7-Dec-2018
https://doi.org/10.1007/978-1-4614-8265-9_790
Lee DYu T(2016)XML Access ControlEncyclopedia of Database Systems10.1007/978-1-4899-7993-3_790-2(1-4)Online publication date: 24-Dec-2016
https://doi.org/10.1007/978-1-4899-7993-3_790-2
Show More Cited By

Index Terms

Automaton segmentation: a new approach to preserve privacy in xml information brokering
1. Security and privacy
  1. Human and societal aspects of security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime
    2. Privacy policies

Recommendations

Distributed access control: a privacy-conscious approach
SACMAT '07: Proceedings of the 12th ACM symposium on Access control models and technologies

With more and more information being exchanged or published on the Web or in peer-to-peer, and with the significant growth in numbers of distributed, heterogeneous data sources, issues like access control and data privacy are becoming increasingly ...
A Lattice-Based Privacy Aware Access Control Model
CSE '09: Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03

As the amount of data being collected by service providers increases, privacy concerns increase for the data owners that must provide private data to get services. Legislative acts require enterprises protect the privacy of their customers and privacy ...
A Privacy-Aware Access Model on Anonymized Data
INTRUST 2014: Revised Selected Papers of the 6th International Conference on Trusted Systems - Volume 9473

With development of information technology and communication, corporations and individuals will collect some digital information to support information-based decisions. However, under some conditions, if all original data are released, some privacy will ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '07: Proceedings of the 14th ACM conference on Computer and communications security

October 2007

628 pages

ISBN:9781595937032

DOI:10.1145/1315245

General Chair:
Peng Ning
NC State University, USA
,
Program Chairs:
Sabrina De Capitani di Vimercati
University of Milan, Italy
,
Paul Syverson
Naval Research Laboratory, USA

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS07

Sponsor:

CCS07: 14th ACM Conference on Computer and Communications Security 2007

November 2 - October 31, 2007

Virginia, Alexandria, USA

Acceptance Rates

CCS '07 Paper Acceptance Rate 55 of 302 submissions, 18%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
520
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Barati MTheodorakopoulos GRana O(2020)Automating GDPR Compliance Verification for Cloud-hosted Services2020 International Symposium on Networks, Computers and Communications (ISNCC)10.1109/ISNCC49221.2020.9297309(1-6)Online publication date: 20-Oct-2020
https://doi.org/10.1109/ISNCC49221.2020.9297309
Lee DYu T(2018)XML Access ControlEncyclopedia of Database Systems10.1007/978-1-4614-8265-9_790(4735-4738)Online publication date: 7-Dec-2018
https://doi.org/10.1007/978-1-4614-8265-9_790
Lee DYu T(2016)XML Access ControlEncyclopedia of Database Systems10.1007/978-1-4899-7993-3_790-2(1-4)Online publication date: 24-Dec-2016
https://doi.org/10.1007/978-1-4899-7993-3_790-2
Thimma MLiu FLin JLuo B(2015)HyXAC: Hybrid XML Access Control Integrating View-Based and Query-Rewriting ApproachesIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2015.240736627:8(2190-2202)Online publication date: 1-Aug-2015
https://doi.org/10.1109/TKDE.2015.2407366
Gunasekaran KIndumathi MSaravanan D(2014)Enforcing secure and privacy in information brokering systemInternational Conference on Information Communication and Embedded Systems (ICICES2014)10.1109/ICICES.2014.7033913(1-7)Online publication date: Feb-2014
https://doi.org/10.1109/ICICES.2014.7033913
Thimma MTsui TLuo BConti MVaidya JSchaad A(2013)HyXACProceedings of the 18th ACM symposium on Access control models and technologies10.1145/2462410.2462424(113-124)Online publication date: 12-Jun-2013
https://dl.acm.org/doi/10.1145/2462410.2462424
Li FLuo BLiu PLee DChu C(2013)Enforcing Secure and Privacy-Preserving Information Brokering in Distributed Information SharingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2013.22473988:6(888-900)Online publication date: 1-Jun-2013
https://dl.acm.org/doi/10.1109/TIFS.2013.2247398
Burnside MKeromytis A(2009)F3ildCryptProceedings of the 12th International Conference on Information Security10.1007/978-3-642-04474-8_38(491-506)Online publication date: 4-Sep-2009
https://dl.acm.org/doi/10.1007/978-3-642-04474-8_38
Li FLuo BLiu PSquicciarini ALee DChu C(2009)Defending against Attribute-Correlation Attacks in Privacy-Aware Information BrokeringCollaborative Computing: Networking, Applications and Worksharing10.1007/978-3-642-03354-4_9(100-112)Online publication date: 2009
https://doi.org/10.1007/978-3-642-03354-4_9
Lee DYu T(2009)XML Access ControlEncyclopedia of Database Systems10.1007/978-0-387-39940-9_790(3573-3576)Online publication date: 2009
https://doi.org/10.1007/978-0-387-39940-9_790

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten