Title: A framework for privacy aware data management in relational databases

Authors: Pietro Colombo; Elena Ferrari

Addresses: Dipartimento di Scienze Teoriche e Applicate, Università degli Studi dell'Insubria, Varese, Italy ' Dipartimento di Scienze Teoriche e Applicate, Università degli Studi dell'Insubria, Varese, Italy

Abstract: This paper is about MAPaS - modelling and analysis of privacy-aware systems - framework, which targets the development of privacy aware SQL queries operating on a given database. MAPaS supports the specification of purpose and role-based access control policies that regulate the access to data based on purpose compliance, role and purpose-based authorisations. The current version of MAPaS allows the definition of the scheme of the database whose data must be protected and the SQL queries that should be executed on such a database. A rich analysis toolkit allows user to assess the compliance of these queries with the specified privacy policies. The analysis can be done even before the database is populated. The use of MAPaS bring users to define SQL queries which are privacy aware by design.

Keywords: privacy aware data management; privacy policies; relational databases; model driven development; Object Constraint Language; OCL; Atlas Transformation Language; ATL; privacy awareness; security; modelling; SQL queries; access control; data protection.

DOI: 10.1504/IJIPSI.2014.062886

International Journal of Information Privacy, Security and Integrity, 2014 Vol.2 No.1, pp.56 - 78

Published online: 13 Sep 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article