TY - GEN
T1 - A Privacy-Preserving Framework for Rank Inference
AU - Gao, Yunpeng
AU - Yan, Tong
AU - Zhang, Nan
PY - 2017/12/4
Y1 - 2017/12/4
N2 - In this paper, we address privacy issues related to ranked retrieval model in web databases, each of which takes private attributes as part of input in the ranking function. Many web databases have both public attributes and private attributes which serve different purposes. The owners of web databases, which normally are websites, show the public attributes but keep private attributes invisible to public. For example, social network websites provide privacy settings which allow users to control the visibility of user profiles by hiding certain attributes values from public view. In order to maximize the protection effect, these websites also hide private attributes in query results so that public can only access attributes that are set to public. In this way, even private attributes have been taken as part of input in the ranking function, many websites believe that the adversary is unable to reveal the private attribute values from ranked query results. Thus they declare the private attributes are well protected. Intuitively, users indeed cannot view others' private attribute values and their own private attribute values are hidden from public view. Users trust these websites because they believe that 'what you see is what you get', and be persuaded to input sensitive personal information as private attributes to databases. However, the investigation by Rahman et al.[1] proves that though the values of private attributes could be hidden from public view, they still can be inferred from the ranking function.
AB - In this paper, we address privacy issues related to ranked retrieval model in web databases, each of which takes private attributes as part of input in the ranking function. Many web databases have both public attributes and private attributes which serve different purposes. The owners of web databases, which normally are websites, show the public attributes but keep private attributes invisible to public. For example, social network websites provide privacy settings which allow users to control the visibility of user profiles by hiding certain attributes values from public view. In order to maximize the protection effect, these websites also hide private attributes in query results so that public can only access attributes that are set to public. In this way, even private attributes have been taken as part of input in the ranking function, many websites believe that the adversary is unable to reveal the private attribute values from ranked query results. Thus they declare the private attributes are well protected. Intuitively, users indeed cannot view others' private attribute values and their own private attribute values are hidden from public view. Users trust these websites because they believe that 'what you see is what you get', and be persuaded to input sensitive personal information as private attributes to databases. However, the investigation by Rahman et al.[1] proves that though the values of private attributes could be hidden from public view, they still can be inferred from the ranking function.
UR - http://www.scopus.com/inward/record.url?scp=85046543120&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85046543120&partnerID=8YFLogxK
U2 - 10.1109/PAC.2017.23
DO - 10.1109/PAC.2017.23
M3 - Conference contribution
AN - SCOPUS:85046543120
T3 - Proceedings - 2017 IEEE Symposium on Privacy-Aware Computing, PAC 2017
SP - 180
EP - 181
BT - Proceedings - 2017 IEEE Symposium on Privacy-Aware Computing, PAC 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 1st IEEE Symposium on Privacy-Aware Computing, PAC 2017
Y2 - 1 August 2017 through 3 August 2017
ER -