Discussion: Pros and Cons of the Various Approaches

This report provides a summary of the issues raised in an afternoon discussion at the First Invitational Workshop on Database Security, hosted by SRI International in Menlo Park, CA. The topic of the discussion was to review the pros and cons of the various approaches to the design of secure database systems as described by the speakers that morning. However, the actual discussion quickly narrowed to the problems of aggregation and inference, particularly with regards to proposals for handling these problems in the systems described. Because these topics became primary areas of study throughout the workshop, the session described below must be regarded as only a preliminary discussion of issues that were explored in greater detail (and with greater collective insight!) in later sessions. For this reason, we have felt it appropriate to append a section entitled “retrospective,” relating the preliminary topics raised during our discussion session with the insights gained later in the workshop.