Policy Compliance of Queries for Private Information Retrieval
Abstract
The use of Private Information Retrieval (PIR) techniques enables clients to retrieve items from cooperating databases without revealing either the queries or the information being retrieved. In order to prevent clients from accessing information that they are not authorized to access, it must be possible to prove that the queries being posed are compliant with a set of privacy policies previously agreed upon by the clients and database owners. Efforts to address privacy in these situations have been dominated by techniques that assume that most clients are malicious and focus on helping database owners restrict access to data. With the current push towards need-to-share, we suggest alternative approaches such as the application of accountability mechanisms. These mechanisms include the use of formalisms that can express realistic data-use policies, automated reasoning engines that can interpret those policies and automatically determine whether particular queries are policy-compliant, and justifications that enable users to understand the compliance decision and the policies.
Document Details
- Document Type: Technical Report
- Publication Date: Nov 01, 2010
- Accession Number: ADA533742
Entities
People
- Lalana Kagal
Organizations
- Massachusetts Institute of Technology