A Practical Database Security Model Using Purpose- Based Database Access Control and Group Concept

Personal information that is collected online can be misused and abused. Therefore, data security techniques that restrict the usage of data only to purposes specified by data providers are needed. The LDHD model, a well-known database security model, expresses the purpose of data provision in the unit of cell in order to have a detailed control over privacy preservation. However, since this model collects metadata for every pair of users and purposes, its metadata becomes much larger than the actual data themselves and the introduction of a new data user incurs significant changes to the metadata. Thus, it is just an ideal database security model which can hardly be applied to current database management systems. To resolve these problems, this paper first identifies the requirements of database management systems supporting privacy preservation and then suggests a practical database security model called PBDM+G. Instead of collecting metadata for every pair of users and purposes, the PBDM+G model collects it for every purpose, and the collected metadata are grouped for duplicate elimination. The experimental result shows that the PBDM+G model consumes at most 10% of the space needed for the LDHD model while reducing query processing time up to 23.6%. Keywords-database security; access control; privacy preservation