Inferences from Attribute-Disjoint and Duplicate-Preserving Relational Fragmentations

Transmitting one's own, partly confidential data to another agent, e.g., for cloud computing, carries the risk of enabling the receiver to infer information he is not entitled to learn. We consider a specific countermeasure against unwanted inferences about associations between data values whose attribute combinations are declared to be sensitive. This countermeasure fragments a relation instance into attribute-disjoint and duplicate-preserving projections such that no sensitive attribute combination is contained in any projection. Though attribute-disjointness is intended to make a reconstruction of the original data impossible for the receiver, the goal of inference-proofness will not always be accomplished. In particular, inferences might be based on combinatorial effects, since duplicate-preservation implies that the frequencies of value associations in visible projections equal those in the original relation instance. Moreover, the receiver might exploit functional dependencies, numerical dependencies and tuple-generating dependencies, as presumably known from the underlying database schema. We identify several conditions for a fragmentation to violate inference-proofness. Besides complementing classical results about lossless decompositions, our results could be employed for designing better countermeasures.
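The frequency and dependency effects described above can be checked on a small sample before a fragmentation is released. The following audit sketch is an added example, not code or a definition from the paper. It assumes two single-attribute fragments and models the receiver as enumerating every pairing of their entries; the data, the function names and the two knowledge flags are hypothetical.

```python
from collections import Counter
from itertools import permutations

# Constructed sample fragments (hypothetical data): duplicate-preserving
# projections of one instance onto the disjoint attributes Patient and Diagnosis.
PATIENTS = ["ann", "ann", "bob"]
DIAGNOSES = ["flu", "flu", "hiv"]

def candidate_instances(frag_x, frag_y, fd_x_to_y=False, distinct_rows=False):
    """Yield each original instance (Counter of (x, y) rows) the receiver cannot rule out.

    Brute force over pairings, so only suitable for small audit samples.
    fd_x_to_y:     receiver knows the functional dependency X -> Y holds.
    distinct_rows: receiver knows no (x, y) row occurs twice (set semantics).
    """
    if len(frag_x) != len(frag_y):
        raise ValueError("duplicate-preserving fragments must have equal size")
    seen = set()
    for perm in set(permutations(frag_y)):
        rows = Counter(zip(frag_x, perm))
        key = frozenset(rows.items())
        if key in seen:          # same instance reached via another pairing
            continue
        seen.add(key)
        if distinct_rows and any(n > 1 for n in rows.values()):
            continue
        y_of = {}                # x-value -> the single y-value allowed by the FD
        if fd_x_to_y and any(y_of.setdefault(x, y) != y for x, y in rows):
            continue
        yield rows

def certain_associations(frag_x, frag_y, **knowledge):
    """Return the (x, y) pairs present in every candidate instance."""
    candidates = [set(c) for c in candidate_instances(frag_x, frag_y, **knowledge)]
    return set.intersection(*candidates) if candidates else set()

if __name__ == "__main__":
    print("frequencies only:", certain_associations(PATIENTS, DIAGNOSES))
    print("with FD X -> Y:  ", certain_associations(PATIENTS, DIAGNOSES, fd_x_to_y=True))
    print("distinct rows:   ", certain_associations(PATIENTS, DIAGNOSES, distinct_rows=True))
```

An empty result means no sensitive association is certain under the modeled knowledge; any returned pair is one the receiver can derive from the fragments alone.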
