Segnalo questo seminario sperando sia di interesse a questa ML. ================================================================== PRIVACY CHALLENGES FOR DATABASE SYSTEMS November 7th, 2012 Wednesday 2:30 pm EIT conference room, Northern Bldg, Fondazione Bruno Kessler, Via Sommarive 18 - Povo Speaker: Prof. Johann-Christoph Freytag - Humboldt Universität zu Berlin Abstract: Over the last years the means to collect personal data implicitly or explicitly over the Web and by various kinds of sensors and to combine data for profiling individuals has dramatically increased. These improved abilities have a dramatic impact on the privacy of every individual. This talk focuses on presenting and discussing different approaches how to prevent privacy breaches when personal data is either stored or individuals are at risk to reveal which data they access. In the first part of the talk we introduce several examples of privacy breaches that help us to better understand what is at risk and to categorize the kind of privacy threads and privacy attacks. They show that privacy is at risk in different fields such as in the field of communication and in the field of database systems. The latter will be the focus for the rest of the presentation. To begin with, we first discuss the principles of Hippocratic database systems that should guide any privacy solution for database systems. These principles rest in part on various requirements coming from the privacy (non computer science) community and from the legal world. They will help us in better understand the different solutions and concepts to protect the privacy of individuals when storing personal data in a database system. We then turn to the notion of data privacy. The challenge of data privacy is to prevent the linkage of stored data to individuals. For example, if we store patient and disease data, it should be impossible to find out which individual has which disease when the data is released. As a first step we introduce the notion of k-anonymity as a way to release data without revealing the identity of the individual they belong to. We show that the basic notion of k-anonymity does not suffice; it must be improved in various ways due to the different kind of privacy leakages (or possible attacks) that might occur. Based on the notion of access privacy we describe a solution how protect the user’s privacy when accessing a database such that one cannot detect/observe which data is accessed in the database. The presentation ends by discussing how to model the knowledge an adversary gains by the results of a series of queries to the database – here the goal is to detect when the database should not provide any more results in order to protect privacy. Short Bio: Johann-Christoph Freytag is currently full professor for Databases and Information Systems (DBIS) at the Computer Science Department of the Humboldt-Universität zu Berlin, Germany. Before joining the department in 1994, he was a research staff member at the IBM Almaden Research Center (1985-1987), a researcher at the European Computer-Industry-Research Centre (ECRC, in Munich, Germany, 1987-1989), and the head of Digital's Database Technology Center (also in Munich, 1990- 1993). He holds a Ph.D. in Applied Mathematics/Computer Science from Harvard University, MA. Prof. Freytag's research interests include all aspects of query processing and query optimization in object-relational database systems, new developments in the database area (such as semi-structured data, data quality, databases and security), privacy in database systems, and applying database technology to applications such as GIS, genomics, and bioinformatics/life science. In the last years he received the IBM Faculty Award four times for collaborative work in the areas of databases, middleware, and bioinformatics/life science. He organized the VLDB conference in Berlin in 2003 and was a member of the VLDB Endowment (2001-2007) and in the head of the German database interest group of the GI (Fachbereich DBIS, Gesellschaft für Informatik). Contact: Cesare Furlanello, MPBA - Center for Information Technology - Irst