Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data

ACCURACY-CONSTRAINED PRIVACY-PRESERVING ACCESS CONTROL MECHANISM FOR RELATIONAL DATA

ABSTRACT:

Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized user can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization of relational data to anonymize and satisfy privacy requirements, e.g., k-anonymity and l-diversity, against identity and attribute disclosure. However, privacy is achieved at the cost of precision of authorized information. In this paper, we propose an accuracy-constrained privacy-preserving access control framework. The access control policies define selection predicates available to roles while the privacy requirement is to satisfy the k-anonymity or

L diversity. An additional constraint that needs to be satisfied by the PPM is the imprecision bound for each selection predicate. The techniques for workload-aware anonymization for selection predicates have been discussed in the literature. However, to the best of our knowledge, the problem of satisfying the accuracy constraints for multiple roles has not been studied before. In our formulation of the aforementioned problem, we propose heuristics for anonymization algorithms and show empirically that the proposed approach satisfies imprecision bounds for more permissions and has lower total imprecision than the current state of the art.

EXISTING SYSTEM:

ORGANIZATIONS collect and analyze consumer data to improve their services. Access Control Mechanisms (ACM) are used to ensure that only authorized information is available to users. However, sensitive information can still be misused by authorized users to compromise the privacy of consumers. The concept of privacy-preservation for sensitive data can require the enforcement of privacy policies or the protection against identity disclosure by satisfying some privacy requirements. Existing workload aware anonymization techniques minimize the imprecision aggregate for all queries and the imprecision added to each permission/query in the anonymized micro data is not known. Making the privacy requirement more stringent (e.g., increasing the value of k or l) results in additional imprecision for queries.

DISADVANTAGES OF EXISTING SYSTEM:

v There is no Privacy for users Data.

v The sensitive information, even after the removal of identifying attributes, is still susceptible to linking attacks by the authorized users.

PROPOSED SYSTEM:

The heuristics proposed in this paper for accuracy-constrained privacy-preserving access control are also relevant in the context of workload-aware anonymization. The anonymization for continuous data publishing has been studied in literature. In this paper the focus is on a static relational table that is anonymized only once. To exemplify our approach, role-based access control is assumed. However, the concept of accuracy constraints for permissions can be applied to any privacy-preserving security policy, e.g., discretionary access control.

ADVANTAGES OF PROPOSED SYSTEM:

v Accuracy-constrained privacy-preserving access.

v It maintains data’s in a secure manner.

SYSTEM CONFIGURATION:-

HARDWARE REQUIREMENTS:-

Processor                  -        Pentium –IV

Speed                        -        1.1 Ghz

RAM                         -        512 MB(min)

Hard Disk                 -        40 GB

Key Board                -        Standard Windows Keyboard

Mouse                       -        Two or Three Button Mouse

Monitor                     -        LCD/LED

SOFTWARE REQUIREMENTS:

Operating system      :         Windows XP.

Coding Language      :         .Net

Data Base                 :         SQL Server 2005

Tool                          :         VISUAL STUDIO 2008.

REFERENCE:

Zahid Pervaiz, Walid G. Aref, Senior Member, IEEE, Arif Ghafoor, Fellow, IEEE, and Nagabhushana Prabhu, “Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data” IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, VOL. 26, NO. 4, APRIL 2014 795