
Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data

Abstract

Access control mechanisms protect sensitive information from unauthorized users. However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized user can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization of relational data to anonymize and satisfy privacy requirements, e.g., k-anonymity and l-diversity, against identity and attribute disclosure. However, privacy is achieved at the cost of precision of authorized information. In this paper, we propose an accuracy-constrained privacy-preserving access control framework. The access control policies define selection predicates available to roles while the privacy requirement is to satisfy the k-anonymity or l-diversity. An additional constraint that needs to be satisfied by the PPM is the imprecision bound for each selection predicate. The techniques for workload-aware anonymization for selection predicates have been discussed in the literature. However, to the best of our knowledge, the problem of satisfying the accuracy constraints for multiple roles has not been studied before. In our formulation of the aforementioned problem, we propose heuristics for anonymization algorithms and show empirically that the proposed approach satisfies imprecision bounds for more permissions and has lower total imprecision than the current state of the art.


Existing System with Limitations

Access control mechanisms are crucial for protecting sensitive information from unauthorized access. However, these systems face significant limitations when dealing with privacy protection, particularly when sensitive information is shared.

  1. Privacy Compromise by Authorized Users: Even if an authorized user accesses the information, there is still a risk of privacy compromise, potentially leading to identity disclosure.
  2. Lack of Privacy Protection Mechanism (PPM): Without a PPM, sensitive information remains vulnerable to privacy breaches, even when access controls are in place.
  3. Trade-off Between Privacy and Precision: Existing PPMs that use techniques like suppression and generalization of relational data can anonymize information to meet privacy requirements (e.g., k-anonymity and l-diversity). However, achieving privacy often comes at the cost of the precision and usefulness of the authorized information.
  4. Imprecision in Information: The anonymization process can introduce imprecision, making the data less useful for authorized users.

Proposed System with Advantages

The proposed system introduces an accuracy-constrained privacy-preserving access control framework designed to address the limitations of existing systems.

  1. Accuracy-Constrained Privacy Protection: This framework ensures that privacy requirements are met (e.g., k-anonymity and l-diversity) while also maintaining the precision of the authorized information. This dual focus minimizes the trade-off between privacy and data accuracy.
  2. Role-Based Access Control with Precision: The access control policies in the proposed system define specific selection predicates for different roles. Each role’s access is tailored to meet both privacy and accuracy constraints.
  3. Imprecision Bounds Management: The system introduces an additional constraint to manage the imprecision bound for each selection predicate. This ensures that the anonymization process respects predefined accuracy limits, maintaining data utility for authorized users.
  4. Workload-Aware Anonymization: The proposed approach leverages workload-aware anonymization techniques, optimizing the anonymization process based on the specific selection predicates used by different roles.
  5. Empirical Validation and Efficiency: The proposed heuristics for anonymization algorithms have been empirically validated. Results show that the proposed approach satisfies imprecision bounds for a greater number of permissions and achieves lower total imprecision compared to current state-of-the-art methods.
  6. Enhanced Privacy and Utility Balance: By focusing on both privacy and accuracy, the proposed system provides a balanced solution that enhances data utility while protecting sensitive information from both unauthorized and authorized users who might compromise privacy.
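
The interplay between k-anonymity and per-role imprecision bounds described above, as an added example (not code from this project or from the paper). It assumes imprecision means the number of extra tuples a selection predicate returns when it is evaluated over generalized partitions instead of the original rows; the tuples, role names and bounds are constructed.

```python
from collections import namedtuple

# Closed ranges over the two quasi-identifiers of the constructed relation.
Rect = namedtuple("Rect", "age_lo age_hi zip_lo zip_hi")

# Constructed sample tuples (age, zip); not data from the paper.
A, B, C, D = (22, 47901), (25, 47903), (27, 47905), (31, 47902)
E, F, G, H = (34, 47906), (38, 47904), (45, 47907), (52, 47909)

def bounding_box(rows):
    """Generalized value published for every tuple in one partition."""
    ages, zips = zip(*rows)
    return Rect(min(ages), max(ages), min(zips), max(zips))

def covers(q, row):
    return q.age_lo <= row[0] <= q.age_hi and q.zip_lo <= row[1] <= q.zip_hi

def overlaps(q, box):
    return (q.age_lo <= box.age_hi and box.age_lo <= q.age_hi and
            q.zip_lo <= box.zip_hi and box.zip_lo <= q.zip_hi)

def is_k_anonymous(partitions, k):
    return all(len(p) >= k for p in partitions)

def imprecision(q, partitions):
    """Extra tuples a role receives: anonymized answer size minus exact size."""
    exact = sum(covers(q, row) for p in partitions for row in p)
    released = sum(len(p) for p in partitions if overlaps(q, bounding_box(p)))
    return released - exact

def evaluate(partitions, k, permissions):
    """Return {role: (imprecision, within_bound)}; reject non-k-anonymous input."""
    if not is_k_anonymous(partitions, k):
        raise ValueError("partitioning is not k-anonymous")
    result = {}
    for role, (q, bound) in permissions.items():
        imp = imprecision(q, partitions)
        result[role] = (imp, imp <= bound)
    return result

# Hypothetical roles: selection predicate plus imprecision bound.
PERMISSIONS = {
    "age_analyst": (Rect(20, 30, 47900, 47999), 2),
    "zip_analyst": (Rect(0, 120, 47901, 47904), 2),
}
SPLIT_ON_AGE = [[A, B, C, D], [E, F, G, H]]  # both partitionings are 4-anonymous
SPLIT_ON_ZIP = [[A, D, B, F], [C, E, G, H]]

if __name__ == "__main__":
    for name, parts in [("age", SPLIT_ON_AGE), ("zip", SPLIT_ON_ZIP)]:
        print(name, evaluate(parts, 4, PERMISSIONS))
```

Both partitionings give the same privacy level, yet each one satisfies a different role's bound and violates the other's, which is why the choice of partitioning has to account for every role's predicate at once.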

SYSTEM REQUIREMENTS

SOFTWARE REQUIREMENTS:

  • Web Technologies: HTML, CSS, JS, JSP
  • Programming Language: Java and J2EE
  • Database Connectivity: JDBC
  • Backend Database: MySQL
  • Operating System: Windows 08/10

HARDWARE REQUIREMENTS:

  • Processor: Core I3
  • RAM Capacity: Java and J2EE
  • Hard Disk: JDBC
  • Monitor: MySQL
  • Mouse: Two or Three Button Mouse
  • Keyboard: Windows 08/10

For More Details of Project Document, PPT, Screenshots and Full Code
Call/WhatsApp – 9966645624
Email – info@srithub.com
