Managing consent for data access in shared databases

Osnat Drien, Antoine Amarilli, Yael Amsterdamer

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations


Data sharing is commonplace on the cloud, in social networks and other platforms. When a peer shares data and the platform owners (or other peers) wish to use it, they need the consent of the data contributor (as per regulations such as GDPR). The standard solution is to require this consent in advance, when the data is provided to the system. However, platforms cannot always know ahead of time how they will use the data, so they often require coarse-grained and excessively broad consent. The problem is exacerbated because the data is transformed and queried internally in the platform, which makes it harder to identify whose consent is needed to use or share the query results. Motivated by this, we propose a novel framework for actively procuring consent in shared databases, focusing on the relational model and SPJU queries. The solution includes a consent model that is reminiscent of existing Access Control models, with the important distinction that the basic building blocks - consent for individual input tuples - are unknown. This yields the following problem: how to probe peers to ask for their consent regarding input tuples, in a way that determines whether there is sufficient consent to share the query output, while making as few probes as possible in expectation. We formalize the problem and analyze it for different query classes, both theoretically and experimentally.

Original languageEnglish
Title of host publicationProceedings - 2021 IEEE 37th International Conference on Data Engineering, ICDE 2021
PublisherIEEE Computer Society
Number of pages6
ISBN (Electronic)9781728191843
StatePublished - Apr 2021
Event37th IEEE International Conference on Data Engineering, ICDE 2021 - Virtual, Chania, Greece
Duration: 19 Apr 202122 Apr 2021

Publication series

NameProceedings - International Conference on Data Engineering
ISSN (Print)1084-4627


Conference37th IEEE International Conference on Data Engineering, ICDE 2021
CityVirtual, Chania

Bibliographical note

Publisher Copyright:
© 2021 IEEE.


ACKNOWLEDGEMENTS This work was funded in part by the Israel Science Foundation (grant No. 1157/16) and by ANR-18-CE23-0003-02 (“CQFD”).

FundersFunder number
Israel Science Foundation1157/16


    • Boolean evaluation
    • Consent management
    • Provenance semirings


    Dive into the research topics of 'Managing consent for data access in shared databases'. Together they form a unique fingerprint.

    Cite this