Access control management techniques can reduce the risk of data exfiltration while making privacy-trivial data insights, such as statistical correlations, more accessible. Controlling access to sensitive or private data without unduly restricting essential activities is challenging. Traditional access control techniques, including whitelists, blacklists, and Access Control Lists (ACLs), limit access to sensitive data even when the query output does not contain sensitive information. The approach described here uses a combination of differential privacy, policy-based access controls, and dynamic query analysis. Dynamic query analysis determines what access controls apply to the output of a query, i.e. what output-dependent access controls are appropriate. When output-dependent access controls are appropriate, a policy-based engine determines what level of privilege is required. If the user lacks the required privilege, differential privacy may be applied to the results to prevent exfiltration of sensitive information.
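The flow described above, as an added example that is not code from the disclosure: a constructed patient table, an output classifier standing in for dynamic query analysis, a policy table standing in for the policy engine, and a Laplace mechanism applied to counts when the caller lacks the privilege the policy requires. The field names, privilege names and epsilon value are assumptions.

```python
import math
import random
from dataclasses import dataclass, field

# Constructed sample table (not from the disclosure); two fields are tagged sensitive.
RECORDS = [
    {"id": 1, "zip": "02139", "diagnosis": "flu"},
    {"id": 2, "zip": "02139", "diagnosis": "asthma"},
    {"id": 3, "zip": "94103", "diagnosis": "flu"},
    {"id": 4, "zip": "94103", "diagnosis": "flu"},
]
SENSITIVE_FIELDS = {"id", "diagnosis"}

# Policy engine (assumed): output class -> privilege needed to see it unmodified.
POLICY = {"public_rows": None, "aggregate": "analyst", "sensitive_rows": "clinician"}

@dataclass
class User:
    name: str
    privileges: set = field(default_factory=set)

def classify_output(result):
    """Dynamic query analysis: classify the *output*, not the query text."""
    if isinstance(result, (int, float)):
        return "aggregate"
    if any(k in SENSITIVE_FIELDS for row in result for k in row):
        return "sensitive_rows"
    return "public_rows"

def laplace_noise(scale, rng):
    """Sample Laplace(0, scale) by inverse CDF; the differential-privacy mechanism."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

def mediate(user, result, epsilon=1.0, seed=None):
    """Output-dependent control: pass raw, release a noised (DP) value, or refuse."""
    cls = classify_output(result)
    needed = POLICY[cls]
    if needed is None or needed in user.privileges:
        return result                       # privilege suffices: exact output
    if cls == "aggregate":
        # A counting query has sensitivity 1, so Laplace(1/epsilon) is epsilon-DP.
        return result + laplace_noise(1.0 / epsilon, random.Random(seed))
    raise PermissionError(f"{user.name}: raw sensitive rows require '{needed}'")

def count_where(**match):
    return sum(all(r[k] == v for k, v in match.items()) for r in RECORDS)

def select(fields, **match):
    return [{k: r[k] for k in fields} for r in RECORDS
            if all(r[k] == v for k, v in match.items())]
```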
This work is licensed under a Creative Commons Attribution 4.0 License.
Krueger, Brett, "Output-Dependent Access Control", Technical Disclosure Commons, (October 30, 2019)