Proceedings of the 16th international conference on World Wide Web
Introducing secure provenance: problems and challenges
Proceedings of the 2007 ACM workshop on Storage security and survivability
Towards identity anonymization on graphs
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Scientific Workflow Provenance Querying with Security Views
WAIM '08 Proceedings of the 2008 The Ninth International Conference on Web-Age Information Management
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Scalable access controls for lineage
TAPP'09 First workshop on on Theory and practice of provenance
Preserving Privacy in Social Networks Against Neighborhood Attacks
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
PLUS: Synthesizing privacy, lineage, uncertainty and security
ICDEW '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering Workshop
Do You Know Where Your Data's Been? --- Tamper-Evident Database Provenance
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Class-based graph anonymization for social network data
Proceedings of the VLDB Endowment
Preserving the privacy of sensitive relationships in graph data
PinKDD'07 Proceedings of the 1st ACM SIGKDD international conference on Privacy, security, and trust in KDD
Resisting structural re-identification in anonymized social networks
The VLDB Journal — The International Journal on Very Large Data Bases
The Open Provenance Model core specification (v1.1)
Future Generation Computer Systems
Provenance views for module privacy
Proceedings of the thirtieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Security issues in a SOA-Based provenance system
IPAW'06 Proceedings of the 2006 international conference on Provenance and Annotation of Data
Dependency path patterns as the foundation of access control in provenance-aware systems
TaPP'12 Proceedings of the 4th USENIX conference on Theory and Practice of Provenance
Privacy preservation of user history graph
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
A propagation model for provenance views of public/private workflows
Proceedings of the 16th International Conference on Database Theory
A core calculus for provenance
Journal of Computer Security - Security and Trust Principles
| Hi-index | 0.00 |
Many applications, including provenance and some analyses of social networks, require path-based queries over graphstructured data. When these graphs contain sensitive information, paths may be broken, resulting in uninformative query results. This paper presents innovative techniques that give users more informative graph query results; the techniques leverage a common industry practice of providing what we call surrogates: alternate, less sensitive versions of nodes and edges releasable to a broader community. We describe techniques for interposing surrogate nodes and edges to protect sensitive graph components, while maximizing graph connectivity and giving users as much information as possible. In this work, we formalize the problem of creating a protected account G' of a graph G. We provide a utility measure to compare the informativeness of alternate protected accounts and an opacity measure for protected accounts, which indicates the likelihood that an attacker can recreate the topology of the original graph from the protected account. We provide an algorithm to create a maximally useful protected account of a sensitive graph, and show through evaluation with the PLUS prototype that using surrogates and protected accounts adds value for the user, with no significant impact on the time required to generate results for graph queries.