The Life-Cycle Policy model

N.L.G. Anciaux, Luc Bouganim, H.J.W. van Heerde, Philippe Pucheral, Peter M.G. Apers

Research output: Book/Report › Report

Abstract

Our daily life activity leaves digital trails in an increasing number of databases (commercial web sites, internet service providers, search engines, location tracking systems, etc.). Personal digital trails are commonly exposed to accidental disclosures resulting from negligence or piracy, and to ill-intentioned scrutiny and abusive usage fostered by fuzzy privacy policies. No one is sheltered, because a single event (e.g., applying for a job or a credit) can suddenly make our history a precious asset. By definition, access control fails to prevent trail disclosures, which motivates the integration of the Limited Data Retention principle in legislation protecting data privacy. Under this principle, data is withdrawn from a database after a predefined time period. However, this principle is difficult to apply in practice, so useless sensitive information is retained in databases for years. In this paper, we propose a simple and practical data degradation model where sensitive data undergoes a progressive and irreversible degradation from an accurate state at collection time, to intermediate but still informative degraded states, up to complete disappearance when the data becomes useless. The benefit of data degradation is twofold: (i) by reducing the amount of accurate data, the privacy offence resulting from a trail disclosure is drastically reduced, and (ii) degrading the data in line with the application purposes offers a new compromise between privacy preservation and application reach. We introduce in this paper a data degradation model, analyze its impact on core database techniques such as storage, indexing and transaction management, and propose degradation-aware techniques.

Language: Undefined
Place of Publication: Rocquencourt, France
Publisher: Institut National de Recherche en Informatique et en Automatique
Number of pages: 25
ISBN (Print): 0249-6399
State: Published - Jul 2008

Publication series

Name: Rapport de recherche
Publisher: Institut National de Recherche en Informatique et en Automatique
No.: WoTUG-31/RR-6577
ISSN (Print): 0249-6399

Keywords

  • IR-65185
  • EWI-14530
  • METIS-254958

Cite this

Anciaux, N. L. G., Bouganim, L., van Heerde, H. J. W., Pucheral, P., & Apers, P. M. G. (2008). The Life-Cycle Policy model. (Rapport de recherche; No. WoTUG-31/RR-6577). Rocquencourt, France: Institut National de Recherche en Informatique et en Automatique.