Precomputation of privacy policy parameters for auditing SQL queries

A privacy auditing framework for Hippocratic databases accepts an audit expression and returns all user queries stored in User Access Log (UAL) that satisfy the expression. The audit expression is formed by the audit officer. The expression specifies a target data (sensitive data subject to disclosure review), a time duration and privacy policy parameters related constraints. Determining privacy policy parameters for an audit expression is a tedious task in absence of any assistance to the audit officer, as privacy policy of an enterprise can be complex. We therefore propose and present a malafide intention based framework for their precomputation, which maps a target data description or a malafide intention of an attacker to privacy parameters and hence assists the auditing officer in formation of a precise and unambiguous audit expression. The framework also makes the task of target data specification easier by the use of defined malafide intentions for a domain.