AN INTEGRATED FRAMEWORK FOR TO PROTECT SENSITIVE INFORMATION FROM AUTHORIZED USERS

Abstract: In Previous days to protect the Sensitive information from unauthorized users generally by using Access control mechanism. The integrated framework is a combination of Access control policies and Privacy Protection Mechanism (PPM). However, when sensitive information is shared and a Privacy Protection Mechanism (PPM) is not in place, an authorized user can still compromise the privacy of a person leading to identity disclosure. A PPM can use suppression and generalization of relational data to anonymize and satisfies privacy requirements, e.g., k-anonymity and l-diversity, against identity and attribute disclosure. In this paper, we propose an Integrated framework it s a combination of accuracy-constrained privacy-preserving access control framework. The access control policies define selection predicates available to roles while the privacy requirement is to satisfy the k-anonymity or l-diversity. An additional constraint that needs to be satisfied by the PPM is the imprecision bound for each selection predicate. The techniques for workload-aware anonymization for selection predicates have been discussed in the literature. However, to the best of our knowledge, the problem of satisfying the accuracy constraints for multiple roles has not been studied before. In this paper the focus is on a static relational table that is anonymized only once. To exemplify our approach, role-based access control is assumed.

Keywords: Access control polices, privacy, Anomity methods, Query evaluation.