期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2008
卷号:2
期号:1
出版社:SERSC
摘要:The Prevalent use of XML highlights an increasing need that publishing XML documents should meet precise security requirements, without revealing sensitive information to unauthorized users. We consider data-publishing applications where the publisher specifies what information is sensitive and should be protected. Hiding the sensitive information is no enough and the users can use common knowledge (e.g. “all patients in the same ward have the same disease”) to infer more data, which can cause leakage of sensitive information. We formulate the process how users can infer data using three types of common XML constraints and several functional dependencies. We develop a novel paradigm for finding a max partial document without causing information leakage when we publish several related XML documents, while allowing publishing as much data as possible. The experiments on real data sets show that effect of inference on data security, and how the paradigm can prevent leaking the sensitive information.
