Contract No.: 285248 Strategic Objective


FIWARE OpenSpecification Security DBAnonymizer Open RESTful API Specification



Date: 28.01.2017

20 FIWARE OpenSpecification Security DBAnonymizer Open RESTful API Specification

20.1 Introduction to the DB Anonymizer API


Please check the following FI-WARE Open Specification Legal Notice (essential patents license) to understand the rights to use this open specification. Like all other FI-WARE members, SAP has chosen one of the two FI-WARE license schemes for open specifications.

To illustrate this open specification license from our SAP perspective:



  • SAP makes the specifications of this Generic Enabler available under IPR rules that allow for exploitation and sustainable usage in both Open Source and proprietary, closed source products, to maximize adoption.

  • This Open Specification is exploitable for proprietary 3rd party products and is exploitable for open source 3rd party products, including open source licenses that require patent pledges.

  • If the owner (SAP) of this GE spec holds a patent that is essential to create a conforming implementation of the GE spec (i.e. it is impossible to write a conforming implementation without violating the patent) then a license to that patent is deemed granted to the implementation.

20.1.1 DB Anonymizer API Core


The DB Anonymizer API is a RESTful API accessed via HTTP. It uses simple data types or binary files for the information exchange. It offers four main functions to trigger computation activities, and four associated functions to retrieve their results. Normally, each computation function considers two inputs:

The main API methods are:

  1. evaluatePolicy receives a DB dump (a single table in MySQL) and an obfuscation (or disclosure) policy file, and computes the likelihood (0 = impossibility, 1 = certainty) that an attacker can exactly reconstruct the table's content if it is anonymized using the obfuscation policy.

    • getPolicyResult to retrieve the result of the computation.

  2. evaluateColumnRisk receives a DB dump (a single table in MySQL) and computes, for each column, an index that represents the impact on the re-identification risk caused by disclosing that column's data.

    • getColumnRisk to retrieve the result of the computation.

  3. evaluateDeepSearch receives a DB dump (a single table in MySQL), an obfuscation policy file, and an upper-bound value for the acceptable re-identification risk associated with a policy, and computes all permutations of the original policy whose re-identification risk matches the specified upper-bound.

    • getDeepSearch to retrieve the result of the computation.

  4. anonymizeDataset receives a DB dump (a single table in MySQL) and an obfuscation policy file, and performs the anonymization operation according to the specified policy.

    • getAnonymizeDataset to retrieve the result of the computation.
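The following is an added example, not part of the specification and not the DB Anonymizer's own algorithm (which this page does not describe). It sketches what the three evaluation functions compute, under these assumptions: a policy is modelled as the list of disclosed columns, the risk metric is the number of distinct value combinations in the disclosed columns divided by the row count, and the table and the function names `risk`, `column_risk` and `deep_search` are constructed for illustration.

```python
from collections import Counter
from fractions import Fraction
from itertools import combinations

# Constructed sample table (illustrative only, not from the specification).
COLUMNS = ["zip", "birth_year", "gender", "diagnosis"]
ROWS = [
    ("10115", 1980, "F", "flu"),
    ("10115", 1980, "F", "flu"),
    ("10115", 1980, "M", "flu"),
    ("10117", 1980, "M", "flu"),
    ("10117", 1975, "M", "asthma"),
    ("10117", 1975, "M", "diabetes"),
]

def risk(disclosed):
    """Assumed metric: rows sharing the same disclosed values form one class;
    an attacker guessing inside a class of size k succeeds with 1/k, so the
    expected success over all rows is (number of classes) / (number of rows)."""
    idx = [COLUMNS.index(c) for c in disclosed]
    classes = Counter(tuple(row[i] for i in idx) for row in ROWS)
    return Fraction(len(classes), len(ROWS))

def column_risk(policy):
    """Per-column impact: how much the risk drops if that column is withheld."""
    base = risk(policy)
    return {c: base - risk([x for x in policy if x != c]) for c in policy}

def deep_search(policy, upper_bound):
    """Largest sub-policies of `policy` whose risk stays within upper_bound.
    Sub-policies contained in an already accepted one are skipped."""
    found = []
    for size in range(len(policy), -1, -1):
        for cand in combinations(policy, size):
            covered = any(set(cand) < set(f) for f in found)
            if risk(cand) <= upper_bound and not covered:
                found.append(cand)
    return found

if __name__ == "__main__":
    print("full disclosure risk:", risk(COLUMNS))
    print("per-column impact:", column_risk(COLUMNS))
    print("policies with risk <= 1/2:", deep_search(COLUMNS, Fraction(1, 2)))
```

On this table, withholding `birth_year` alone does not lower the risk, while no three-column policy stays within a bound of 1/2.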

20.1.2 Intended Audience


This specification is intended for software developers and reimplementers of this API. For the former, this document provides a full specification of how to interoperate with the DB Anonymizer service, which implements the DB Anonymizer API. For the latter, this document is a full specification of the functions and data types that are part of the DB Anonymizer API and that must be part of any re-implementation effort.

To use this information, the reader should first have a general understanding of the Generic Enabler service (available on the DB Anonymizer Open Specification page).


20.1.3 API Change History


Current version is: Version 3.3.3, 4/2/2014

The most recent changes are described in the table below:



| Revision Date | Changes Summary |
| --- | --- |
| Apr 30, 2012 | This is the first version of the DB Anonymizer API Guide. |
| Apr 22, 2013 | This is the second version of the DB Anonymizer API Guide. It includes two new functionalities: one for analysing the per-column disclosure impact of a re-identification risk computation, and one for computing all modifications to a disclosure policy for a specific dataset, to find a set of alternative policies that matches an arbitrary upper-bound for re-identification risk. |
| Feb 4, 2014 | Added the new proactive dataset anonymization functionality plus a number of minor changes not impacting the previously published methods. |

20.1.4 How to Read This Document


All FI-WARE RESTful API specifications will follow the same list of conventions and will support certain common aspects. Please check Common aspects in FI-WARE Open Restful API Specifications.

Throughout the document, the reader is assumed to be familiar with the REST architectural style. However, the interface was carefully designed to be extremely simple to use, and thus to require minimal integration effort from software developers interested in the DB Anonymizer functionalities. Therefore, no special notation or particular constructs were needed in producing this description, beyond the following simple conventions:



  • A bold font is used to represent code or logical entities, e.g., HTTP method (GET, PUT, POST, DELETE).

  • An italic font is used to represent document titles or some other kind of special text, e.g., URI.

  • Variables are shown between brackets, e.g. {id}, and in italic font. The reader can replace a variable with any value.


20.1.5 Additional Resources


You can download the most current version of this document from the FIWARE API specification website at http://wiki.fi-ware.eu/Summary_of_FI-WARE_API_Open_Specifications. For more details about the DB Anonymizer that this API is based upon, please refer to the Open Specification website at http://wiki.fi-ware.eu/Summary_of_FI-WARE_Open_Specifications. Related documents, including an Architectural Description, are available at the same site.
