A Bayesian Approach for on-Line Max Auditing

In this paper we consider the on-line max query auditing problem: given a private association between fields in a data set, a sequence of max queries that have already been posed about the data, their corresponding answers and a new query, deny the answer if a private information is inferred or give the true answer otherwise. We give a probabilistic definition of privacy and demonstrate that max queries can be audited in a simulatable paradigm by means of a Bayesian network. Moreover, we show how our auditing approach is able to manage user prior-knowledge.

[1]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, ACM Comput. Surv..

[2]  Mary McLeish,et al.  Further results on the security of partitioned dynamic statistical databases , 1989, TODS.

[3]  Steen Andreassen,et al.  A munin network for the median nerve - a case study on loops , 1989, Appl. Artif. Intell..

[4]  Shiuh-Pyng Shieh,et al.  Auditing User Queries in Dynamic Statistical Databases , 1999, Inf. Sci..

[5]  Nina Mishra,et al.  Simulatable auditing , 2005, PODS.

[6]  Jon M. Kleinberg,et al.  Auditing Boolean attributes , 2000, PODS.

[7]  Marina Moscarini,et al.  Auditing sum-queries to make a statistical database secure , 2006, TSEC.

[8]  Gerardo Canfora,et al.  A Bayesian approach for on-line max and min auditing , 2008, PAIS '08.

[9]  David Heckerman,et al.  Causal Independence for Knowledge Acquisition and Inference , 1993, UAI.

[10]  Josep Domingo-Ferrer,et al.  Inference Control in Statistical Databases, From Theory to Practice , 2002 .

[11]  Francis Y. L. Chin,et al.  Security problems on inference control for SUM, MAX, and MIN queries , 1986, JACM.

[12]  Gerardo Canfora,et al.  Reasoning under Uncertainty in On-Line Auditing , 2008, Privacy in Statistical Databases.

[13]  Judea Pearl,et al.  Probabilistic reasoning in intelligent systems - networks of plausible inference , 1991, Morgan Kaufmann series in representation and reasoning.

[14]  Steven P. Reiss Security in Databases: A Combinatorial Study , 1979, JACM.

[15]  Gultekin Özsoyoglu,et al.  Auditing and Inference Control in Statistical Databases , 1982, IEEE Transactions on Software Engineering.

[16]  Mitchell Watnik,et al.  Pay for Play: Are Baseball Salaries Based on Performance? , 1998 .

[17]  Gerardo Canfora,et al.  A Bayesian Approach for on-Line Max Auditing , 2008, ARES.

[18]  Rajeev Motwani,et al.  Towards robustness in query auditing , 2006, VLDB.