Managing Confidentiality for Exchanged Data

Dr. Miklau is from the University of Washington
Maturing technologies for data exchange and integration promise easy access to information, flexible collaboration, and convenience. But they also pose an increasing threat that data about us, or data owned by us, will be inappropriately disclosed and misused. In this talk I will discuss two problems concerned with protecting the confidentiality of exchanged data.

In many settings, sensitive data is protected by restricting access to the data as a whole and permitting access only to a logical view of the data, defined in a given query language. First, I will present a novel definition of security which holds when the available view contains no information that can be used to answer a sensitive query. This standard of security assists data owners in making accurate decisions about the data that can safely be published. Second, I will describe techniques for controlling access to published views using cryptography. The latter techniques are the basis of a practical framework that can be used to safely and efficiently disseminate data to a large numbers of recipients, and can easily support a wide range of access conditions.