Top

Automatic Control and Computer Sciences

Published in:

01-12-2022

Reactive and Proactive Methods for Database Protection against Logical Inference Attacks

Author: A. A. Poltavtsev

Published in: Automatic Control and Computer Sciences | Issue 8/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

If data is not available to the outside world, it is useless. It must be available so that it can be processed and planned. Regulating and monitoring user access to a database is an important task for the database security community. Protecting a database against logical inference attacks is part of information security to prevent the disclosure of sensitive data through available information (tables and individual records). It is necessary to have methods capable of maintaining a balance between the use of information and the protection of data. The purpose of this work is to compare different inference control methods in order to evaluate the results of methods to minimize both the loss of information and the risk of information disclosure.

previous article Performance Evaluation of Antivirus Systems for Computer Networks

next article Immunization of Complex Networks: Topology and Methods

Poltavtseva, M.A., Evolution of data management systems and their security, 2019 Int. Conf. on Engineering Technologies and Computer Science (EnT), Moscow, 2019, IEEE, 2019, pp. 25–29. https://doi.org/10.1109/EnT.2019.00010

Aleksandrova, E.B., Zegzhda, D.P., and Konoplev, A.S., Applying the group signature for entity authentication in distributed grid computing networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 739–742. https://doi.org/10.3103/S0146411616080265CrossRef

Aleksandrova, E.B. and Shkorkina, E.N., Using undeniable signature on elliptic curves to verify servers in outsourced computations, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1160–1163. https://doi.org/10.3103/S0146411618080023CrossRef

Aleksandrova, E.B., Post-quantum primitives in information security, Nonlinear Phenom. Complex Syst., 2019, vol. 22, no. 3, pp. 269–276.MATH

Aleksandrova, E.B., Poltavtseva, M.A., and Shmatov, V.S., Ensuring the big data integrity through verifiable zero-knowledge operations, Mobile Internet Security. MobiSec 2021, You, I., Kim, H., Youn, TY., Palmieri, F., and Kotenko, I., Eds., Communications in Computer and Information Science, vol. 1544, Singapore: Springer, 2022, pp. 211–221. https://doi.org/10.1007/978-981-16-9576-6_15

Poltavtseva, M.A., Zegzhda, D.P., and Kalinin, M.O., Big data management system security threat model, A-utom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 903–913. https://doi.org/10.3103/S0146411619080261CrossRef

Poltavtseva, M.A. and Kalinin, M.O., Conceptual data modeling using aggregates to ensure large-scale distributed data management systems security, Intelligent Distributed Computing XIII. IDC 2019, Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., and Ivanovic, M., Eds., Studies in Computational Intelligence, vol. 868, Cham: Springer, 2020, pp. 41–47. https://doi.org/10.1007/978-3-030-32258-8_5

Poltavtseva, M. and Tick, A., Automatic control approach to the cyber-physical systems security monitoring, Algorithms and Solutions Based on Computer Technology, Jahn, C., Ungvari, L., and Ilin, I., Eds., Lecture Notes in Networks and Systems, vol. 387, Cham: Springer, 2022, pp. 17–30. https://doi.org/10.1007/978-3-030-93872-7_2

10.

Zegzhda, D.P., Moskvin, D.A., and Myasnikov, A.V., Assurance of cyber resistance of the distributed data storage systems using the blockchain technology, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1111–1116. https://doi.org/10.3103/S0146411618080400CrossRef

11.

Usov, E.S., Nikol’skii, A.V., Pavlenko, E.Yu., and Zegzhda, D.P., Architecture of the protected cloud data storage using Intel SGX technology, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1144–1149. https://doi.org/10.3103/S0146411618080394CrossRef

12.

Domingo-Ferrer, J. and Torra, V., Disclosure control methods and information loss for microdata, Confidentiality, Disclosure and Data Access: Theory and Practical Applications for Statistical Agencies, 2001, pp. 91–110.

13.

Domingo-Ferrer, J., Microaggregation for protecting individual data privacy, Proceso de Toma de Decisiones, Modelado y Agregacion de Preferencias TIC-2002-11492-E, 2005, pp. 171–178.

14.

Adam, N.R. and Worthmann, J.C., Security-control methods for statistical databases: A comparative study, ACM Comput. Surv., 1989, vol. 21, no. 4, pp. 515–556. https://doi.org/10.1145/76894.76895CrossRef

15.

Denning, D.E. and Schlörer, J., Inference control for statistical databases, Computer, 1983, vol. 16, no. 7, pp. 69–82. https://doi.org/10.1109/MC.1983.1654444CrossRef

16.

Domingo-Ferrer, J. and Mateo-Sanz, J.M., On the security of cell suppression in contingency tables with quantitative factors, Proc. 3rd Int. Seminar on Statistical Confidentiality, 1996, pp. 208–217.

17.

Domingo-Ferrer, J., Oganian, A., and Torra, V., Information-theoretic disclosure risk measures in statistical disclosure control of tabular data, Proc. 14th Int. Conf. on Scientific and Statistical Database Management, Edinburgh, 2002, IEEE, 2002, pp. 227–231. https://doi.org/10.1109/SSDM.2002.1029724

18.

Garvey, T.D., The inference problem for computer security, Proc. The Computer Security Foundations Workshop V, Franconia, N.H., 1992, IEEE, 1992, pp. 78–81. https://doi.org/10.1109/CSFW.1992.236786

19.

Chakravarthi, R., Shafer, G., and Raman, S., Inference detection using clustering, PhD Thesis, 2001.

20.

Hinke, T.H., Delugach, H.S., and Wolf, R.P., Protecting databases from inference attacks, Comput. Secur., 1997, vol. 16, no. 8, pp. 687–708. https://doi.org/10.1016/S0167-4048(97)87607-9CrossRef

21.

Hoffman, L.J. and Miller, W.F., Getting a personal dossier from a statistical data bank, Datamation, 1970, vol. 16, no. 5, pp. 74–75.

22.

Schlörer, J., Confidentiality and security in statistical data banks, Proc. Workshop on Data Documentation, Reisensburg Castle, Germany, 1975, Munich: Verlag Documentation, 1977, pp. 101–123.

23.

Su, T.-A. and Ozsoyoglu, G., Controlling FD and MVD inferences in multilevel relational database systems, IEEE Trans. Knowl. Data Eng., 1991, vol. 3, no. 4, pp. 474–485.https://doi.org/10.1109/69.109108

Title: Reactive and Proactive Methods for Database Protection against Logical Inference Attacks
Author: A. A. Poltavtsev
Publication date: 01-12-2022
Publisher: Pleiades Publishing
Published in: Automatic Control and Computer Sciences / Issue 8/2022
Print ISSN: 0146-4116
Electronic ISSN: 1558-108X
DOI: https://doi.org/10.3103/S014641162208017X

Springer Professional

Abstract

Please log in to get access to your license.

Other articles of this Issue 8/2022

Review and Comparison of Lightweight Modifications of the AES Cipher for a Network of Low-Power Devices

Intelligent Security Strategy Based on the Selection of the Computer and Neural Network Architecture

Immunization of Complex Networks: Topology and Methods

Immunization of Complex Networks: System of Differential Equations and Dynamic Variation

Computer Network Clustering Methods in Cybersecurity Problems

Two-Component Steganographic System for Embedding Information into Least Significant Bits of Audio Signals