Abstract
The basic inference problem is defined as follows: For a finite set X = {xi, … , xn}, we wish to infer properties of elements of X on the basis of sets of "queries" regarding subsets of X. By restricting these queries to statistical queries, the statistical database (SDB) security problem is obtained. The security problem for the SDB is to limit the use of the SDB so that only statistical information is available and no sequence of queries is sufficient to infer protected information about any individual. When such information is obtained the SDB is said to be compromised. In this paper, two applications concerning the security of the SDB are considered:
On-line application. The queries are answered one by one in sequence and it is necessary to determine whether the SDB is compromised if a new query is answered.
Off-line application. All queries are available at the same time and it is necessary to determine the maximum subset of queries to be answered without compromising the SDB.
The complexity of these two applications, when the set of queries consists of (a) a single type of SUM query, (b) a single type of MAX/MIN query, (c) mixed types of MAX and MIN queries, (d) mixed types of SUM and MAX/MIN queries, and (e) mixed types of SUM, MAX, and MIN queries, is studied. Efficient algorithms are designed for some of these situations while others are shown to be NP-hard.
- 1 ACHUGBUE, J. D., AND CHIN, F.Y. The effectiveness of output modification by rounding for protection of statistical databases. INFOR 17, 3 (1979), 209-218.Google Scholar
- 2 BECK, L.L. A security mechanism for statistical databases. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 316-338. Google Scholar
- 3 CHIN, F.Y. Security in statistical databases for queries with small counts. ACM Trans. Database Syst. 3, I (Mar. 1978), 92-104. Google Scholar
- 4 CHIN, F. Y., AND KOSSOWSKI, P. Efficient inference control for range sum queries on statistical databases. In Proceedings of the 1st LBL Workshop on Statistical Database Management (Dec.). Menlo Park, Calif., 198 l, pp. 239-248. Google Scholar
- 5 CHIN, F. Y., AND KOSSOWSKI, P. The theory of secure policies for inference control by auditing in statistical databases (unpublished manuscript).Google Scholar
- 6 CHIN, F. Y., AND OZSOYOGLU, G. Statistical database design. ACM Trans. Database Syst. 6, l (Mar. 1981), 113-139. Google Scholar
- 7 CHIN, F. Y., AND OZSOYOGLU, G. Auditing and inference control in statistical databases. IEEE Trans. Softw. Eng. SE-8, 6 (Nov. 1982), 574-582.Google Scholar
- 8 DAVIDA, G., LINTON, D., SZELAG, G., AND WELLS, D. Security of statistical databases. IEEE Trans. Softw. Eng. SE-4, 6 (Nov. 1978), 531-533.Google Scholar
- 9 DEMILLO, R., DOBKIN, D., AND LIPTON, R.j. Combinatorial inference. In Foundations of Secure Computation, R. DeMillo et al., Eds. Academic Press, Orlando, Fla., 1978, pp. 27-38 (presented at a 3-day workshop held at Georgia Institute of Technology, Atlanta, Oct. 1977).Google Scholar
- 10 DENNING, D.E. Secure statistical databases with random sample queries. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 291-315. Google Scholar
- 11 DENNING, O. E., DENNING, P. J., AND SCHWARTZ, M. O. The tracker: A threat to statistical database security. ACM Trans. Database Syst. 4, l (Mar. 1979), 76-96. Google Scholar
- 12 GAREY, M., JOHNSON, D., AND STOCKMEYER, L. Some simplified NP-complete graph problems. J. Theoret. Comput. Sci. I (1976), 237-267.Google Scholar
- 13 KAM, J. B. AND ULLMAN, J.D. A model of statistical databases and their security. ACM Trans. Database Syst. 2, l (Mar. 1977), 1-10. Google Scholar
- 14 REISS, S.P. Medians and database security. In Foundations of Secure Computations. Academic Press, Orlando, Fla., 1978, pp. 57-92.Google Scholar
- 15 REISS, S.P. Security in databases: A combinatorial study. J. ACM 26, l (Jan. 1979), 45-57. Google Scholar
- 16 SCHLORER, J. Disclosure from statistical databases: Quantitative aspects of trackers. ACM Trans. Database Syst. 5, 4 (Dec. 1980), 467-492. Google Scholar
- 17 Yu, C. T., AND CHIN, F.Y. A study on the protection of statistical databases. In Proceedings of the ACM SIGMOD International Conference on Management of Data. ACM, New York, 1977, pp. 169-181. Google Scholar
Index Terms
- Security problems on inference control for SUM, MAX, and MIN queries
Recommendations
Auditing Categorical SUM, MAX and MIN Queries
PSD '08: Proceedings of the UNESCO Chair in data privacy international conference on Privacy in Statistical DatabasesAuditing consists in logging answered queries and checking, each time that a new query is submitted, that no sensitive information is disclosed by combining responses to answered queries with the response to the current query. Such a method for ...
Parity-based inference control for multi-dimensional range sum queries
This paper studies the inference control of multi-dimensional range (MDR) sum queries. We show that existing inference control methods are usually inefficient for MDR queries. We then consider parity-based inference control that restricts users to ...
Auditing Sum Queries
ICDT '03: Proceedings of the 9th International Conference on Database TheoryIn an on-line statistical database, the query system should leave unanswered queries asking for sums that could lead to the disclosure of confidential data. To check that, every sum query and previously answered sum queries should be audited. We show ...
Comments