Abstract
A regression methodology based technique can be used to compromise confidentiality in a statistical database. This holds true even when the DBMS prevents application of regression methodology to the database. Existing inference controls, including cell restriction, perturbation, and table restriction approaches, are shown to be generally ineffective against this compromise technique. The effect of incomplete supplemental knowledge on the regression methodology based compromise technique is examined. Finally, some potential complicators of this disclosure scheme are introduced.
- 1 ALAGAR, V. Complexity of compromising statistical databases. Tech. Rep., Dept. of Computer Science, Concordia Univ., Montreal, Nov. 1980.Google Scholar
- 2 AMERICAN STATISTICAL ASSOCIATION. Report of the ASA Ad Hoc Committee on Privacy and Confidentiality. Am. Stat. 31, 2 (May 1977), 59-78.Google Scholar
- 3 AMERICAN STATISTICAL ASSOCIATION. Business directories: Findings and recommendations of the ASA Committee on Privacy and Confidentiality. Am. Star. 34, 1 (Feb. 1980), 8-10.Google Scholar
- 4 BECK, L.L. A security mechanism for statistical databases. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 316-338. Google ScholarDigital Library
- 5 BUCK, S.F. A method of estimation of missing values in multivariate data suitable for use with an electronic computer. J. Roy. Stat. Soc. Ser. B.22 (1960), 302-307Google Scholar
- 6 CENSUS OF POPULATION AND HOUSING. 1980: Public-use microdata sample (C sample), New York State {machine-readable data file}. Prepared by the Bureau of the Census, Washington, D.C., 1983.Google Scholar
- 7 CHIN, F. Y., AND OZSOYO(~LU, G. Auditing and inference control in statistical databases. IEEE Trans. Softw. Eng. SE-8, 6 (Nov. 1982), 574-582.Google ScholarDigital Library
- 8 Cox, L. H., AND ERNST, L.R. Controlled Rounding. U.S. Bureau of the Census, Washington, D.C., 1981.Google Scholar
- 9 DALENIUS, T. The invasion of privacy problem and statistics production--an overview. Statistik Tidskrift 12 (1974), 213-225.Google Scholar
- 10 DALENIUS, T. Towards a methodology for statistical disclosure control. Statistik Tidskrift 15 (1977), 429-444.Google Scholar
- 11 DALEN{US, T., AND REINS, S. Data-swapping: A technique for disclosure control. J. Star. Plan. In{erence 6, 1 (Jan. 1982), 73-85.Google Scholar
- 12 DENNWNG, D. A review of the research of statistical database security, in Foundations o{ Secure Computation, R. DeMillo, D. Dobkin, A. Jones, and R. Lipton, Eds. Academic Press, New York, 1978, 15-25.Google Scholar
- 13 DENNING, D. AMD SCHLORER, J. Inference controls for statsitical databases. IEEE Computer 16, 7 (July 1983), 69-82.Google ScholarDigital Library
- 14 DURBIN, J. Statistics and the report of the data protection committee. J. Roy. Star. Soc. Ser. A 142, 3 (!979), 99.q-.~n8Google Scholar
- 15 IMSL. international Mathematical and Statistical Libraries, subroutine GGNML. IMSL, Houston, Tex.Google Scholar
- 16 KEMPTHORNE, O. President's Column. Inst. Math. Star. Bull. 14, 4 (May 1985), 165-166.Google Scholar
- 17 LOYNES, R. M. Discussion of the papers by Professor Dalenius and by Professor Durbin. J. Roy. Star. Soc. Ser. A 142, 3 (1979), 325-326.Google Scholar
- 18 MEYER, P. L. Introductory Probability and Statistical Applications. 2nd ed. Addison-Wesley, Reading, Mass., 1970.Google Scholar
- 19 PALLEY, M.A. Security of statistical databases--invasion of privacy through attribute correlational modeling. Ph.D. dissertation, Graduate School of Business Administration, New York Univ., 1985. Google ScholarDigital Library
- 20 PALLEY, M.A. Security of statistical databases: Compromise through attribute correlational modeling. In Proceedings of the 2nd international Con{erence on Data Engineering {Los Angeles, Calif., 1986), IEEE, New York 1986 Google ScholarDigital Library
- 21 SCHLORER, J. Disclosure from statistical databases: Quantitative aspects of trackers. ACM Trans. Database Syst. 5, 4 (Dec. 1980), 467-492. Google ScholarDigital Library
- 22 SHOSHANI, A. Statistical databases: Characteristics, problems, and some solutions. In proceeedings of the 8th International Con{ereru~e on Very Large Data Bases (Mexico City, 1982), 208-222. Google ScholarDigital Library
- 23 SPRUILL, N.L. The confidentiality and analytic usefulness of masked business microdata. In ASA Proceedings Securi~ Surve~ Research Methods. American Statistical Association, Washington, D.C., 1983, (302-607.Google Scholar
- 24 TRAUB, J. F., WOZNIAKOWSKI, H., AND YEMINI, Y. The statistical security of a statistical database. ACM Trans. Database Syst. 9, 4 (Dec. 1984), 672-679. Google ScholarDigital Library
- 25 ULLMAN, J.D. Principles of Database Systems. Computer Science Press, Rockville, Md., 1982. Google ScholarDigital Library
- 26 DENNING, D. Secure statistical databases with random sample queries. A CM Trans. Database Syst. 5, 3 (Sept. 1980), 291-315. Google ScholarDigital Library
Index Terms
- The use of regression methodology for the compromise of confidential information in statistical databases
Recommendations
Compromise-resilient anti-jamming communication in wireless sensor networks
Jamming is a kind of Denial-of-Service attack in which an adversary purposefully emits radio frequency signals to corrupt the wireless transmissions among normal nodes. Although some research has been conducted on countering jamming attacks, few works ...
The Security of Confidential Numerical Data in Databases
Organizations are storing large amounts of data in databases for data mining and other types of analysis. Some of this data is considered confidential and has to be protected from disclosure. When access to individual values of confidential numerical ...
Comments