International Journal of Internet, Broadcasting and Communication

The Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회)
권호 표지
DOI QR코드

DOI QR Code

Secure Healthcare Management: Protecting Sensitive Information from Unauthorized Users

  • Ko, Hye-Kyeong (Department of Computer Engineering, Sungkyul University)
  • Received : 2020.11.22
  • Accepted : 2020.12.02
  • Published : 2021.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, applications are increasing the importance of security for published documents. This paper deals with data-publishing where the publishers must state sensitive information that they need to protect. If a document containing such sensitive information is accidentally posted, users can use common-sense reasoning to infer unauthorized information. In recent studied of peer-to-peer databases, studies on the security of data of various unique groups are conducted. In this paper, we propose a security framework that fundamentally blocks user inference about sensitive information that may be leaked by XML constraints and prevents sensitive information from leaking from general user. The proposed framework protects sensitive information disclosed through encryption technology. Moreover, the proposed framework is query view security without any three types of XML constraints. As a result of the experiment, the proposed framework has mathematically proved a way to prevent leakage of user information through data inference more than the existing method.

Keywords

References

  1. W. S. Ng, K. L, Tan, and A. Zhou, "A P2P-based System for Distributed Data Sharing," in Proc. 19th International Conference on Data Engineering, pp. 633-644, 2003. DOI: https://doi.org/10.1109/icde.2003.1260827.
  2. M. Stonebraker, P. M. Aoki, W. Litwin, A. Pfeffer, A. Sah, J. Sidell, Staelin, and A. Yu, "Mariposa: A Wide-area Distributed Database System," VLDB Journal, Vol. 5, No. 1, pp. 48-63, 1996. DOI: https://doi.org/10.3850/978-981-08-7300-4_1005.
  3. Z. G. Ives, A. Y. Lyer J. Madhavan, R. Pottinger. S. Saroiu, I. Tatarinov, S. Betzler, Q. Chen, E. Jaslikowska, J. Su, and W. Yeung, "Self-organizing Data Sharing Communities with SAGRES," in Proc. 2003 ACM SIGMOD International Conference on Management of Data, p. 582, June, 2000. OI: https://doi.org/10.1145/342009.335492.
  4. T. Bray, J. Paoli, C. M. Sperberg-McQueen, E. Maler, and F. Yergeau, "Extensible Markup Language (XML) 1.0 (forth ed.)," W3C, 2006, http://www.w3.org/TR/REC-xml.
  5. N. R. Adam and J. C. Wortman, "Security-Control Methods for Statistical Databases," ACM Computing Surveys, Vol. 21, No. 4, pp. 515-556, 1989. DOI: https://doi.org/10.1145/76894.76895.
  6. X. Yang and C. Li, "Secure XML Publishing without Information Leakage in the Presence of Data Inference," in Proc. 30th International Conference on Very Large Data Bases, pp. 96-107, 2004. DOI: https://doi.org/10.1016/b978-012088469-8.50012-7.
  7. A. Brodskyand, C. Farkas, and S. Jajodia, "Secure Databases: Constraints, Inference Channels, and monitoring disclosures," IEEE Transactions on Knowledge and Data Engineering, Vol. 12, No. 6, pp. 900-919, 2000. DOI: https://doi.org/10.1016/b978-012088469-8.50012-7.
  8. S. Castano M. G. Fugini and G. Martella, "Database Security," Addison-Wesley & ACM Press, 1995.
  9. G. Miklau and D. Suciu, "Controlling Access to Published Data using Cryptography," in Proc. 29th International Conference on Very Large Data Bases, pp. 898-909, 2003. DOI: https://doi.org/10.1016/b978-012722442-8/50084-7.
  10. J. G. Lee and K. Y. Whang, "Secure Query Processing against Encrypted XML Data using Query-Aware Decryption," Information Sciences, Vol. 176, No. 13, pp. 1928-1947, 2006. DOI: https://doi.org/10.1016/j.ins.2005.08.001.
  11. E. Bertino, S. Castano, E. Ferrari, and M. Mesiti, "Controlling Access and Dissemination of XML Document," in Proc. 2nd International Workshop on Web Information and Data Management, pp. 22-27, 1999. DOI: https://doi.org/10.1145/319759.319770.
  12. H. Ko and S. Lee, "A Binary String Approach for Updates in Dynamic Ordered XML Data," IEEE Transactions on Knowledge and Data Engineering," Vol. 22, No. 4, pp. 602-607, 2010. DOI: https://doi.org/10.1109/tkde.2009.87.
  13. D. Dobkin, A. K. Jones, and R. J. Lipton, "Secure Databases: Protection against User Influence," ACM Trans. Database System, Vol. 4, No. 1, pp. 97-106, 1979. DOI: https://doi.org/10.1145/320064.320068.
  14. S. H. Yoon, K. S. Lee, C. J. Sang, T. Khudaybergenov, M. S. Kim, D. G. Woo, and J. U. Kim, "Building Control Box Attached Monitor based Color Grid Recognition Methods for User Access Authentication," The International Journal of Internet, Broadcasting and Communication (IJIBC), Vol. 12, No. 2, pp. 1-7, 2020. DOI: https://doi.org/10.7236/JIJBC.2020.12.2.1.
  15. Y. Seo and Y. Chang, "A Study for Applicating and Introducing the Right to be Forgotten," The Journal of Convergence on Culture Technology (JCCT), Vol. 2, No. 3, pp. 23-28, 2016. DOI: https://doi.org/10.17703/JCCT.2016.2.3.23.