Sharif Digital Repository

This paper proposes a horizontal fragmentation method to preserve privacy in data outsourcing. The basic idea is to identify sensitive tuples, anonymize them based on a privacy model and store them at the external server. The remaining non-sensitive tuples are also stored at the server side. While our method departs from using encryption, it outsources all the data to the server; the two important goals that existing methods are unable to achieve simultaneously. The main application of the method is for scenarios where encrypting or not outsourcing sensitive data may not guarantee the privacy  

Nowadays, a large volume of an organization's sensitive data is stored in databases making them attractive to attackers. The useful information attackers try to obtain in the preliminary steps, is the database structure or schema. One of the popular approaches to infer and extract the schema of a database is to analyze the returned error messages from its DBMS. In this paper, we propose a framework to handle and modify the error messages automatically in order to prevent schema revealing. To this aim, after identifying and introducing an appropriate set of categories of error messages, each error message that is returned from a DBMS is placed in a proper category. According to the policy... 

Privacy-preserving data release is about disclosing information about useful data while retaining the privacy of sensitive data. Assuming that the sensitive data is threatened by a brute-force adversary, we define Guessing Leakage as a measure of privacy, based on the concept of guessing. After investigating the properties of this measure, we derive the optimal utility-privacy trade-off via a linear program with any f-information adopted as the utility measure, and show that the optimal utility is a concave and piece-wise linear function of the privacy-leakage budget