Vast amounts of information of all types is collected daily about people by governments, corporations and individuals. The information is collected, for example, when users register to or use online applications, receive health related services, use their mobile phones, utilize search engines, or perform common daily activities. As a result, there is an enormous quantity of privately-owned records that describe individuals finances, interests, activities, and demographics. These records often include sensitive data and may violate the privacy of the users if published.The common approach to safeguarding user information, or data in general, is to limit access to the storage (usually a database) by using and authentication and authorization protocol. This way, only users with legitimate permissions can access the user data. However, even in these cases some of the data is required to stay hidden or accessible only to a specific subset of authorized users. Our talk focuses on possible malicious behavior by users with both partial and full access to queries over data. We look at privacy attacks that meant to gather hidden information and show methods that rely mainly on the underlying data structure, query types and behavior, and data format of the database. We will show how to identify the potential weaknesses and attack vectors for various scenarios and data types, and offer defenses against them.
Joint CS/ISG seminar.
Michael Segal is a Professor of Communication Systems Engineering at Ben-Gurion University of the Negev, known for his work in ad-hoc and sensor networks. Segal has published over 160 scientific papers and he is serving as the Editor-in-Chief for the Journal of Computer and System Sciences. Michael Segal is a past head of the Department (2005-2010) and also held a visiting professorship at Cambridge and Liverpool Universities. Prof. Segal tackles are fundamental optimization problems that have applications in transportation, station placement, communication, facility location, graph theory, statistics, selection, geometric pattern matching, layout of VLSI circuits and enumeration. His research has been funded by many academic and industrial organizations including Israeli Science Foundation, US Army Research Office, Deutche Telecom, IBM, France Telecom, INTEL, Israeli Innovation Agency, General Motors and many others.