Olap Means On-line Anti-privacy *

In this paper we investigate the privacy breaches caused by multi-dimensional range sum queries in OLAP (Online Analytic Processing) systems. Our results show that the sensitive information stored in the underlying data warehouses can be easily compromised by malicious users with legitimate range queries. This compromise is possible even when users are restricted to some special class of range queries. We present algorithms that compromise individual tuples with only range queries. We study the conditions under which the compromises are possible. We also analyze the number of queries required for each compromise, as well as the complexity and completeness of those algorithms. Our study reveals the seriousness of the privacy issue in OLAP systems and provide better understanding of the problem for further research on the control methods.

[1]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, CSUR.

[2]  Peter J. Denning,et al.  The tracker: a threat to statistical database security , 1979, TODS.

[3]  N. Megiddo,et al.  Range queries in OLAP data cubes , 1997, SIGMOD '97.

[4]  Sushil Jajodia,et al.  Auditing Interval-Based Inference , 2002, CAiSE.

[5]  Jon M. Kleinberg,et al.  Auditing Boolean attributes , 2000, PODS.

[6]  Charu C. Aggarwal,et al.  On the design and quantification of privacy preserving data mining algorithms , 2001, PODS.

[7]  Alexandre V. Evfimievski,et al.  Privacy preserving mining of association rules , 2002, Inf. Syst..

[8]  P. Y. Chin,et al.  Security is partitioned dynamic stastical databases , 1979, COMPSAC.

[9]  Gultekin Özsoyoglu,et al.  Auditing and Inference Control in Statistical Databases , 1982, IEEE Transactions on Software Engineering.

[10]  Nimrod Megiddo,et al.  Range queries in OLAP data cubes , 1997, SIGMOD '97.

[11]  Dorothy E. Denning,et al.  A fast procedure for finding a tracker in a statistical database , 1980, TODS.

[12]  Jayant R. Haritsa,et al.  Maintaining Data Privacy in Association Rule Mining , 2002, VLDB.

[13]  Francesco M. Malvestuto,et al.  Auditing Sum Queries , 2003, ICDT.

[14]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[15]  Irit Dinur,et al.  Revealing information while preserving privacy , 2003, PODS.

[16]  Dorothy E. Denning,et al.  Inference Controls for Statistical Databases , 1983, Computer.

[17]  Sushil Jajodia,et al.  Cardinality-Based Inference Control in Sum-Only Data Cubes , 2002, ESORICS.

[18]  Graham Wrightson,et al.  Usability of compromise-free statistical databases , 1997, Proceedings. Ninth International Conference on Scientific and Statistical Database Management (Cat. No.97TB100150).

[19]  L. Cox Suppression Methodology and Statistical Disclosure Control , 1980 .

[20]  David Alan Hanson,et al.  Data security , 1979, ACM-SE 17.

[21]  Alexandre V. Evfimievski,et al.  Limiting privacy breaches in privacy preserving data mining , 2003, PODS.

[22]  Sushil Jajodia,et al.  Precisely Answering Multi-dimensional Range Queries without Privacy Breaches , 2003, ESORICS.

[23]  Yehuda Lindell,et al.  Privacy Preserving Data Mining , 2002, Journal of Cryptology.

[24]  Richard J. Lipton,et al.  Secure databases: protection against user influence , 1979, TODS.