Malafide intension based detection of privacy violation in information system

Authors:
Shyam K. Gupta;Vikram Goyal;Anand Gupta
Affiliations:
Department of Computer Science and Engineering, IIT Delhi, Hauz Khas, New Delhi;Department of Computer Science and Engineering, IIT Delhi, Hauz Khas, New Delhi;Dept. of Comp. Sci. and Engg. N.S.I.T. Delhi, Sector-3, Dwarka, New Delhi
Venue:
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Year:
2006

Citing 5
Cited 4

Security-control methods for statistical databases: a comparative study

ACM Computing Surveys (CSUR)
Hippocratic databases

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Limiting disclosure in hippocratic databases

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Auditing compliance with a Hippocratic database

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Query rewriting for detection of privacy violation through inferencing

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

PRINDA: Architecture and design of non-disclosure agreements in privacy policy framework

Data & Knowledge Engineering
A Unified Audit Expression Model for Auditing SQL Queries

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Auditing Inference Based Disclosures in Dynamic Databases

SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Query rewriting for detection of privacy violation through inferencing

Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the past few years there has been an increased focus on privacy issues for Information Systems. This has resulted in concerted systematic work focused on regulations, tools and enforcement. Despite this, privacy violations still do take place. Therefore there is an increased need to develop efficient methods to detect privacy violations. After a privacy violation has taken place, the post-event diagnostics should make use of any post-event information which might be available. This information (malafide intention) might play a decisive role in determining violations. In this paper we propose one such framework which makes use of malafide intentions. The framework is based on the hypothesis that any intrusion/unauthorized access has a malafide intention always associated with it and is available in a post-event scenario. We hereby propose that by analyzing the privacy policies and the available malafide intention, it is possible to detect probable privacy violations.