论文信息 - On Inference Control in Semantic Data Models for Statistical Databases

On Inference Control in Semantic Data Models for Statistical Databases

Abstract A statistical database (SDB) is a database that is used to provide simple. summary statistics about populations stored in the database and that supports statistical data analysis. When SDB users infer protected information in the SDB from responses to queries, we say that the SDB is compromised. The security problem of SDB is to allow simple summary statistics about protected information in the SDB while preventing compromise. In this paper, we consider the SDB security problem in the context of the Data Abstraction (D-A) model, and investigate the effectiveness of rounding SUM and COUNT query responses for preventing compromise due to structural, dynamic and pre-knowledge inferences in the generalization hierarchy of the D-A model. We first round only SUM query responses, permit updates in a single population, and investigate the effect of users' a priori knowledge of a single protected value. It is shown that compromise is possible, and a necessary and sufficient condition for compromise is given. We then round both SUM and COUNT query responses, and introduce techniques of choosing rounding bases for populations in tree-organized hierarchies that either eliminate or restrict structural and dynamic inferences. Finally, we propose the range response technique which eliminates structural and dynamic inferences in general generalization hierarchies.

Gultekin Özsoyoglu | Tzong-An Su | G. Özsoyoglu | T. Su

[1] Gultekin Özsoyoglu,et al. Rounding and Inference Controlin Conceptual Models for Statistical Databases , 1985, 1985 IEEE Symposium on Security and Privacy.

[2] Z. Meral Ozsoyoglu,et al. Update handling techniques in statistical databases , 1981 .

[3] G. Hardy. The Theory of Numbers , 1922, Nature.

[4] Dorothy E. Denning,et al. Memoryless Inference Controls for Statistical Databases , 1982, 1982 IEEE Symposium on Security and Privacy.

[5] Arie Shoshani,et al. Statistical Databases: Characteristics, Problems, and some Solutions , 1982, VLDB.

[6] Shamkant B. Navathe,et al. Logical and Physical Modeling of Statistical Scientific Databases , 1983, SSDBM.

[7] Gultekin Ozsoyoglu,et al. SSDB - AN ARCHITECTURE FOR STATISTICAL DATABASES. , 1984 .

[8] Diane C. P. Smith,et al. Database abstractions: aggregation and generalization , 1977, TODS.

[9] Frank Olken. How Baroque Should a Statistical Database Management System Be? , 1983, SSDBM.

[10] Gultekin Özsoyoglu,et al. Auditing and Inference Control in Statistical Databases , 1982, IEEE Transactions on Software Engineering.

[11] Dorothy E. Denning,et al. Cryptography and Data Security , 1982 .

[12] Gultekin Özsoyoglu,et al. Statistical database design , 1981, TODS.

[13] Vangalur S. Alagar,et al. Effective inference control mechanisms for securing statistical databases , 1981, AFIPS '81.