Preserving Access Privacy Over Large Databases

Anonymity systems preserve the identities of users as they access Internet data sources. The security of many such systems, such as Tor, relies on a model where the adversary does not have a global view or control of the network. A different problem is that of preserving access privacy for users accessing a large database over the Internet in a model where the adversary has full control of the database. Private information retrieval (PIR) schemes are designed to prevent an adversary controlling the database from being able to learn any information about the access patterns of users. However, the state-of-the-art PIR schemes have a high computational overhead that makes them expensive for querying large databases. In this paper, we develop an access privacy technique and system for querying large databases. Our technique explores constraint-based query transformations, offline data classification, and privacypreserving queries to index structures much smaller than the databases. Our approach enables the querying of a large database by statically specifying or dynamically defining database portions on keys, possibly with high diversity in their range of values, thereby minimizing information leakage about the potential data items of interest to users. In addition, our approach requires minimal user intervention and allows users to specify descriptions of their privacy preferences and delay tolerances along with their input queries to derive transformed queries capable of satisfying the input constraints when executed. We evaluated the system using patent data made available by the United States Patent and Trademark Office through Google Patent; however, the approach has a much wider application and the system developed can be adapted and deployed for use with many user-centric privacy-preserving systems, thereby making access privacy obtainable for today’s Internet users.