Given a query result of a big database, why-provenance can be used to calculate the necessary part of this database, consisting of so-called witnesses. If this database consists of personal data, privacy protection has to prevent the publication of these witnesses. This implies a natural conflict of interest between publishing original data (provenance) and protecting these data (privacy). In this paper, privacy goes beyond the concept of personal data protection. The paper gives an extended definition of privacy as intellectual property protection. If the provenance information is not sufficient to reconstruct a query result, additional data such as witnesses or provenance polynomials have to be published to guarantee traceability. Nevertheless, publishing this provenance information might be a problem if (significantly) more tuples than necessary can be derived from the original database. At this point, it is already possible to violate privacy policies, provided that quasi identifiers are included in this provenance information. With this poster, we point out fundamental problems and discuss first proposals for solutions.

中文翻译：

---

来源查询的隐私方面

给定一个大型数据库的查询结果，为什么原因可用于计算该数据库的必要部分，其中包括所谓的见证人。如果此数据库包含个人数据，则隐私保护必须阻止这些证人的公开。这意味着在发布原始数据（来源）和保护这些数据（隐私）之间存在自然的利益冲突。在本文中，隐私超越了个人数据保护的概念。本文给出了将隐私作为知识产权保护的扩展定义。如果出处信息不足以重建查询结果，则必须发布其他数据（例如证人或出处多项式）以确保可追溯性。不过，如果（可以）从原始数据库派生出比必要多得多的元组，则发布此出处信息可能是一个问题。在这一点上，只要准标识包含在该出处信息中，就有可能违反隐私策略。借助此海报，我们指出了基本问题并讨论了解决方案的第一个建议。