Title :
A Test Framework for Assessing Effectiveness of the Data Privacy Policy´s Implementation into Relational Databases
Author :
Canfora, Gerardo ; Visaggio, Corrado Aaron ; Paradiso, Vito
Author_Institution :
Dept. of Eng., Univ. of Sannio, Sannio
Abstract :
The growing migration of business transactions toward the web made data privacy a critical issue to cope with. Many technologies have been proposed in order to preserve sensitive data from illegal disclosure, also known as privacy enhancing technology (PET). Unfortunately, under certain conditions, sensitive data could be obtained by leveraging different malicious mechanisms which exploit actions permitted to the user. Thus, it is needed to face the problem also at the system design level, and not only by integrating a specific PET into the final system. We propose a framework for testing the software systempsilas capability of respecting established data privacy policy. Our test framework aims at detecting the sequence of legal actions which could allow a user to breach the mechanisms for preserving data privacy. The test output helps designers to properly modify those usage scenarios which could compromise data privacy. Experimentation has been carried out in order to make a preliminary assessment of the method.
Keywords :
data privacy; relational databases; business transactions; data privacy policy; illegal disclosure; privacy enhancing technology; relational databases; sensitive data; software system capability; usage scenarios; Availability; Data privacy; Diabetes; Law; Legal factors; Liver diseases; Positron emission tomography; Relational databases; Software systems; Testing; Data Privacy; Security Testing;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.153
