| |
There has
been a recent surge of interest in exploring and extending
the overlap of the fields of databases and information
retrieval. For example, suppose a security officer is
searching for potential suspects in a particular database
of criminals. Instead of returning literally hundreds
of suspects that match the general query, it would be
more appropriate to present the user with a summary, e.g.
the top twenty suspects ranked by crime potential and/or
connections. Another extension of information retrieval
techniques is keyword-based search in databases. Text
documents as well as structured relational data are rich
sources of information, and integrated querying and browsing
of structured relational databases and of text are of
vital importance. Yet such flexible and novel methods
of querying relational and text systems raises important
security and privacy issues concerning the underlying
data and access mechanisms. How does one restricted access
to sensitive portions of the data in such a querying system?
Even if access control is maintained, privacy breaches
may occur through the process of inference, in which an
illegal user executes several legitimate information retrieval
queries, and is able to reconstruct the content of some
restricted fields from the answers to these queries. In
this project we have started investigations of these and
related problems.
|
