Hippocratic Database (HDB) Technology Projects

Hippocratic Database (HDB) technology, which respects the privacy of data it manages. HDB is application and database agnostic technology that allows current business operations to proceed with minimal or no changes to existing systems, while ensuring that disclosure concerns (i.e. privacy policy, security policy, legislation, etc.) are not an issue. The technology is applicable to any industry with disclosure management concerns (e.g. Healthcare, Finance, Government, etc.). Currently, the technology set includes:

• Active Enforcement - automates cell-level, policy-based disclosure management such that databases only return data that is consistent with company policies, applicable legislation, and customer preferences
• Compliance Auditing - records all queries and changes to the database and uses this information to construct detailed audit trails that specify the user, recipient, purpose, time, and exact (cell-level) information disclosed for any particular database query
• Sovereign Information Integration (formerly Secure Information Sharing and Sovereign Information Sharing) - allows two parties to share information about intersections between data sets without compromising the privacy or security of the remaining data
• Privacy-preserving data mining - preserves privacy at the individual level, while still allowing accurate data mining models at the aggregate level.
• Database Watermarking - allows one to deter data theft and assert ownership rights over pirated copies.
• Order Preserving Encryption - enabling database systems to execute queries over encrypted data without incurring significant performance hit or unnecessary cryptographic calls and still being able ot utilize the existing database functionality
• BA k-anonymity - enabling optimized data de-identification resistant to data linkage attacks

Our current extensions to the HDB technology suite are Query Ranking and Sticky Policy Enforcement.

Do you want Hippocratic Database Technology for your organisation? Think about a Services engagement or an ODIS engagement.

• Technology Overview Deck (Financial Industry outlook)
  
• Industry-specific decks for HDB Active Enforcement and Compliance Auditing
• Healthcare
• Detailed Deck
• Value Proposition Deck
• Asset Overview
• Finance
• Detailed Deck
• Value Proposition Deck
• Asset Overview

• R. Agrawal, J. Kiernan, R. Srikant and Y. Xu. "Hippocratic Databases". Proc. of the 28th Int'l Conf. on Very Large Databases (VLDB 2002), Hong Kong, China, August 2002.
• R. Agrawal and J. Kiernan. "Watermarking Relational Databases". Proc. of the 28th Int'l Conf. on Very Large Databases (VLDB 2002), Hong Kong, China, August 2002.
• A. Evfimievski, R. Srikant, R. Agrawal and J. Gehrke. "Privacy Preserving Mining of Association Rules". Proc. of the 8th ACM SIGKDD Int'l Conference on Knowledge Discovery in Databases and Data Mining, Edmonton, Canada, July 2002.
• A. Evfimievski, J. Gehrke and R. Srikant. "Limiting Privacy Breaches in Privacy Preserving Data Mining". Proc. of the ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, San Diego, California, June 2003.
• R. Agrawal, A. Evfimievski and R. Srikant. "Information Sharing across Private Databases". Proc. of the ACM SIGMOD Conference on Management of Data, San Diego, California, June 2003.
• R. Agrawal, J. Kiernan, R. Srikant and Y. Xu. "Order-Preserving Encryption for Numeric Data". Proc. of the ACM SIGMOD Conference on Management of Data, Paris, France, June 2004.
• K. Lefevre, R. Agrawal, V. Ercegovac, R. Ramakrishnan, Y. Xu, D. DeWitt. "Limiting Disclosure in Hippocratic Databases". Proc. of the 30th Int'l Conf. on Very Large Databases (VLDB 2004), Toronto, Canada, August 2004.
• R. Agrawal, R. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau and R. Srikant. "Auditing Compliance with a Hippocratic Database". Proc. of the 30th Int'l Conf. on Very Large Databases (VLDB 2004), Toronto, Canada, August 2004.
• R. J. Bayardo and R. Agrawal. "Data Privacy Through Optimal k-Anonymization". Proc. of the 21st Int'l Conf. on Data Engineering (ICDE 2005), Tokyo, Japan, April 2005.
• Rakesh Agrawal, Alexandre Evfimievski, Jerry Kiernan, Raja Velu. "Auditing Disclosure by Relevance Ranking", To appear in 26th ACM SIGMOD Intl Conference on Management of Data. Beijing, China. June 2007

• Overview
• Active Enforcement
• Compliance Auditing
• Sovereign Information Integration