Abstract
GDPR in Europe and similar regulations, such as the California CCPA, require new levels of privacy support for consumers. Most challenging to IT departments is the “right to be forgotten”. Hence, an enterprise must ensure that ALL information about a specific consumer be deleted from enterprise storage, when requested. Since enterprises are internally heavily “siloed”, sharing of information is usually accomplished by copying data between systems. This makes finding and deleting all copies of data on a particular consumer difficult.
GDPR also requires the notion of purposes, which is an access control model orthogonal to the one customarily in SQL. Herein, we sketch an implementation of purposes and show how it fits within a conventional access control framework.
We then propose two solutions to supporting GDPR in a DBMS. When a “green field” environment is present, we propose a solution which directly supports the process of ensuring GDPR compliance at enterprise-scale. Specifically, it is designed to store every fact about a consumer exactly once. Therefore, the right to be forgotten is readily supported by deleting that fact. On the other hand, when dealing with legacy systems in the enterprise, we propose a second solution which tracks all copies of personal information, so they can be deleted on request. Of course, this solution entails additional overhead in the DBMS.
Once data leaves the DBMS, it is in some application. We propose “sandboxing” applications in a novel way that will prevent them from leaking data to the outside world when inappropriate. Lastly, we discuss the challenges associated with auditing and logging of data. This paper sketches the design of the above GDPR compliant facilities, which we collectively term SchengenDB.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Regulation (EU) 2016/679 of the European Parliament and of the council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (General Data Protection Regulation). https://eur-lex.europa.eu/eli/reg/2016/679/oj. Accessed 25 May 2010
Chandramouli, R., Sandhu, R.: Role-based access control features in commercial database management systems. In: Proceedings of the 21st National Information Systems Security Conference (NISSC 1998) (1998)
Glavic, B., Alonso, G.: Perm: processing provenance and data on the same data model through query rewriting. In: 2009 IEEE 25th International Conference on Data Engineering, pp. 174–185, March 2009
Google: Google cloud and the GDPR, Technical report. https://cloud.google.com/security/gdpr/
Oracle: 5 perspectives on GDPR. https://www.oracle.com/applications/gdpr/
Psallidas, F., Wu, E.: Smoke: fine-grained lineage at interactive speed. PVLDB 11(6), 719–732 (2018)
Rayani, A.: Safeguard individual privacy rights under GDPR with the Microsoft intelligent cloud. https://www.microsoft.com/en-us/microsoft-365/blog/2018/05/25/safeguard-individual-privacy-rights-under-gdpr-with-the-microsoft-intelligent-cloud/
Shah, A., Banakar, V., Shastri, S., Wasserman, M., Chidambaram, V.: Analyzing the impact of GDPR on storage systems. CoRR, abs/1903.04880 (2019)
Shastri, S., Wasserman, M., Chidambaram, V.: The seven sins of personal-data processing systems under GDPR. In: 11th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 2019), Renton, WA. USENIX Association (2019)
Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Commun. ACM 51(6), 82 (2008)
Widom, J.: Trio: a system for integrated management of data, accuracy, and lineage, pp. 262–276, January 2005
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Kraska, T., Stonebraker, M., Brodie, M., Servan-Schreiber, S., Weitzner, D. (2019). SchengenDB: A Data Protection Database Proposal. In: Gadepally, V., et al. Heterogeneous Data Management, Polystores, and Analytics for Healthcare. DMAH Poly 2019 2019. Lecture Notes in Computer Science(), vol 11721. Springer, Cham. https://doi.org/10.1007/978-3-030-33752-0_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-33752-0_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33751-3
Online ISBN: 978-3-030-33752-0
eBook Packages: Computer ScienceComputer Science (R0)