How Design Relates to Privacy Considerations
Database privacy is a serious issue because a failure can violate confidentiality and/or release sensitive data into the wrong hands. This problem occurs as a result of rules in the database management system that allow access to private information. These rules are prone to being violated in certain situations, such as unauthorized use by users, mistakes in policies, poorly designed database structures, and malware. Because databases are designed to be user-friendly and to allow access, they are prone to these issues. Security in many databases is designed in layers using access control, authentication, and encryption. Most importantly, users need to be given access rights based on policies. These access rights are coupled with privacy constraints, or rules, which allow data access based on user context and content.
This means that information is constrained using rules such as integrity or dependency rules. For example, if a user has access to medical billing information, it would stand to reason that the same user would also have access to address and phone number information. As such, a dependency rule is made so that the user can access this information. But this same user may not have access to the person's medical information, such as diagnosis, due to association-based rules in the database schema.
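The billing example above can be expressed as a small constraint check placed in front of the database. This is an added example, not code from the cited paper or the original article; the role, table and column names are assumptions, and the `researcher` role is added to show an association rule blocking a combination of columns that are each allowed on their own.

```python
import sqlite3

# Constructed policy; role, table and column names are assumptions for illustration.
GRANTS = {"billing": {"invoice_total"}, "researcher": {"diagnosis", "address"}}
# Dependency rule: holding the key column implies access to the dependent columns.
DEPENDS = {"invoice_total": {"address", "phone"}}
# Association rule: these columns may not be released together in one result.
FORBIDDEN_TOGETHER = [{"diagnosis", "address"}, {"diagnosis", "phone"}]

def allowed_columns(role):
    """Direct grants plus everything reachable through dependency rules."""
    cols = set(GRANTS.get(role, ()))
    frontier = list(cols)
    while frontier:
        for dep in DEPENDS.get(frontier.pop(), ()):
            if dep not in cols:
                cols.add(dep)
                frontier.append(dep)
    return cols

def check(role, requested):
    """Return (ok, reason) for a requested column list."""
    requested = set(requested)
    if not requested:
        return False, "no columns requested"
    denied = requested - allowed_columns(role)
    if denied:
        return False, "no access to: " + ", ".join(sorted(denied))
    for combo in FORBIDDEN_TOGETHER:
        if combo <= requested:
            return False, "association rule blocks: " + ", ".join(sorted(combo))
    return True, "ok"

def query(conn, role, requested):
    """Run the SELECT only if the constraint check passes."""
    ok, reason = check(role, requested)
    if not ok:
        raise PermissionError(reason)
    # Safe to interpolate: check() only passes column names taken from the policy sets.
    return conn.execute(f"SELECT {', '.join(requested)} FROM patients").fetchall()

def demo_db():
    """In-memory table holding one constructed sample row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE patients (invoice_total REAL, address TEXT, phone TEXT, diagnosis TEXT)")
    conn.execute("INSERT INTO patients VALUES (120.5, '1 Main St', '555-0100', 'asthma')")
    return conn
```

The check fails closed: a role with no entry in `GRANTS` gets an empty column set, so every request from it is denied.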
Vincent Triola. Tue, Mar 09, 2021. Database Privacy Issues. Retrieved from https://vincenttriola.com/blogs/ten-years-of-academic-writing/database-privacy-issues