Provenance views for module privacy

Susan B. Davidson; Sanjeev Khanna; Tova Milo; Debmalya Panigrahi; Sudeepa Roy

doi:10.1145/1989284.1989305

Provenance views for module privacy

Susan B. Davidson, Sanjeev Khanna, Tova Milo, Debmalya Panigrahi, Sudeepa Roy

School of Computer Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Scientific workflow systems increasingly store provenance information about the module executions used to produce a data item, as well as the parameter settings and intermediate data items passed between module executions. However, authors/owners of workflows may wish to keep some of this information confidential. In particular, a module may be proprietary, and users should not be able to infer its behavior by seeing mappings between all data inputs and outputs. The problem we address in this paper is the following: Given a workflow, abstractly modeled by a relation R, a privacy requirement Γ and costs associated with data. The owner of the workflow decides which data (attributes) to hide, and provides the user with a view R' which is the projection of R over attributes which have not been hidden. The goal is to minimize the cost of hidden data while guaranteeing that individual modules are Γ-private. We call this the Secure-View problem. We formally define the problem, study its complexity, and offer algorithmic solutions.

Original language	English
Title of host publication	PODS'11 - Proceedings of the 30th Symposium on Principles of Database Systems
Pages	175-186
Number of pages	12
DOIs	https://doi.org/10.1145/1989284.1989305
State	Published - 2011
Event	30th Symposium on Principles of Database Systems, PODS'11 - Athens, Greece Duration: 13 May 2011 → 15 May 2011

Publication series

Name	Proceedings of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems

Conference

Conference	30th Symposium on Principles of Database Systems, PODS'11
Country/Territory	Greece
City	Athens
Period	13/05/11 → 15/05/11

Keywords

Approximation
Privacy
Provenance
Workflows

Access to Document

10.1145/1989284.1989305

Cite this

@inproceedings{1eec974e083d4451aba56051dfa0497e,

title = "Provenance views for module privacy",

abstract = "Scientific workflow systems increasingly store provenance information about the module executions used to produce a data item, as well as the parameter settings and intermediate data items passed between module executions. However, authors/owners of workflows may wish to keep some of this information confidential. In particular, a module may be proprietary, and users should not be able to infer its behavior by seeing mappings between all data inputs and outputs. The problem we address in this paper is the following: Given a workflow, abstractly modeled by a relation R, a privacy requirement Γ and costs associated with data. The owner of the workflow decides which data (attributes) to hide, and provides the user with a view R' which is the projection of R over attributes which have not been hidden. The goal is to minimize the cost of hidden data while guaranteeing that individual modules are Γ-private. We call this the Secure-View problem. We formally define the problem, study its complexity, and offer algorithmic solutions.",

keywords = "Approximation, Privacy, Provenance, Workflows",

author = "Davidson, {Susan B.} and Sanjeev Khanna and Tova Milo and Debmalya Panigrahi and Sudeepa Roy",

year = "2011",

doi = "10.1145/1989284.1989305",

language = "אנגלית",

isbn = "9781450306607",

series = "Proceedings of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems",

pages = "175--186",

booktitle = "PODS'11 - Proceedings of the 30th Symposium on Principles of Database Systems",

note = "null ; Conference date: 13-05-2011 Through 15-05-2011",

}

Davidson, SB, Khanna, S, Milo, T, Panigrahi, D & Roy, S 2011, Provenance views for module privacy. in PODS'11 - Proceedings of the 30th Symposium on Principles of Database Systems. Proceedings of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, pp. 175-186, 30th Symposium on Principles of Database Systems, PODS'11, Athens, Greece, 13/05/11. https://doi.org/10.1145/1989284.1989305

Provenance views for module privacy. / Davidson, Susan B.; Khanna, Sanjeev; Milo, Tova et al.

PODS'11 - Proceedings of the 30th Symposium on Principles of Database Systems. 2011. p. 175-186 (Proceedings of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Provenance views for module privacy

AU - Davidson, Susan B.

AU - Khanna, Sanjeev

AU - Milo, Tova

AU - Panigrahi, Debmalya

AU - Roy, Sudeepa

PY - 2011

Y1 - 2011

N2 - Scientific workflow systems increasingly store provenance information about the module executions used to produce a data item, as well as the parameter settings and intermediate data items passed between module executions. However, authors/owners of workflows may wish to keep some of this information confidential. In particular, a module may be proprietary, and users should not be able to infer its behavior by seeing mappings between all data inputs and outputs. The problem we address in this paper is the following: Given a workflow, abstractly modeled by a relation R, a privacy requirement Γ and costs associated with data. The owner of the workflow decides which data (attributes) to hide, and provides the user with a view R' which is the projection of R over attributes which have not been hidden. The goal is to minimize the cost of hidden data while guaranteeing that individual modules are Γ-private. We call this the Secure-View problem. We formally define the problem, study its complexity, and offer algorithmic solutions.

AB - Scientific workflow systems increasingly store provenance information about the module executions used to produce a data item, as well as the parameter settings and intermediate data items passed between module executions. However, authors/owners of workflows may wish to keep some of this information confidential. In particular, a module may be proprietary, and users should not be able to infer its behavior by seeing mappings between all data inputs and outputs. The problem we address in this paper is the following: Given a workflow, abstractly modeled by a relation R, a privacy requirement Γ and costs associated with data. The owner of the workflow decides which data (attributes) to hide, and provides the user with a view R' which is the projection of R over attributes which have not been hidden. The goal is to minimize the cost of hidden data while guaranteeing that individual modules are Γ-private. We call this the Secure-View problem. We formally define the problem, study its complexity, and offer algorithmic solutions.

KW - Approximation

KW - Privacy

KW - Provenance

KW - Workflows

UR - http://www.scopus.com/inward/record.url?scp=79960191413&partnerID=8YFLogxK

U2 - 10.1145/1989284.1989305

DO - 10.1145/1989284.1989305

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:79960191413

SN - 9781450306607

T3 - Proceedings of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems

SP - 175

EP - 186

BT - PODS'11 - Proceedings of the 30th Symposium on Principles of Database Systems

Y2 - 13 May 2011 through 15 May 2011

ER -

Provenance views for module privacy

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this