Parity-based inference control for multi-dimensional range sum queries

This paper studies the inference control of multi-dimensional range (MDR) sum queries. We show that existing inference control methods are usually inefficient for MDR queries. We then consider parity-based inference control that restricts users to queries involving an even number of sensitive values. Such a restriction renders inferences significantly more difficult, because an even number is closed under addition and subtraction, whereas inferences target at one value. However, more sophisticated inferences are still possible with only even MDR queries. We show that the collection of all even MDR queries causes inferences if and only if a special collection of sum-two queries (that is, the summation of exactly two values) does so. The result leads to an inference control method with an improved computational complexity O(mn) (over the previous result of O(m 2n)) for m MDR queries over n values. We show that no odd MDR queries can be answered without causing inferences. We show how to check non-MDR queries for inferences in linear time. We also show how to find large inference-free subsets of even MDR queries when they do cause inferences.

[1]  Francis Y. L. Chin Security in statistical databases for queries with small counts , 1978, TODS.

[2]  Duminda Wijesekera,et al.  Constraints, Inference Channels and Secure Databases , 2000, CP.

[3]  Sushil Jajodia,et al.  Cardinality-Based Inference Control in Sum-Only Data Cubes , 2002, ESORICS.

[4]  Igor Rivin,et al.  On some extremal problems in graph theory , 1999 .

[5]  Sushil Jajodia,et al.  Preventing Interval-Based Inference by Random Data Perturbation , 2002, Privacy Enhancing Technologies.

[6]  Francis Y. L. Chin,et al.  Efficient Inference Control for Range SUM Queries , 1984, Theor. Comput. Sci..

[7]  Wenliang Du,et al.  Building decision tree classifier on private data , 2002 .

[8]  Peter J. Denning,et al.  Data Security , 1979, CSUR.

[9]  Jan Schlörer,et al.  Security of statistical databases: multidimensional transformation , 1980, TODS.

[10]  Dan Suciu,et al.  A formal analysis of information disclosure in data exchange , 2004, SIGMOD '04.

[11]  Jon M. Kleinberg,et al.  Auditing Boolean attributes , 2003, J. Comput. Syst. Sci..

[12]  Sushil Jajodia,et al.  Precisely Answering Multi-dimensional Range Queries without Privacy Breaches , 2003, ESORICS.

[13]  Gultekin Özsoyoglu,et al.  Auditing and Inference Control in Statistical Databases , 1982, IEEE Transactions on Software Engineering.

[14]  Francis Y. L. Chin,et al.  Security problems on inference control for SUM, MAX, and MIN queries , 1986, JACM.

[15]  J. Beck,et al.  Discrepancy Theory , 1996 .

[16]  Ramakrishnan Srikant,et al.  Privacy-preserving data mining , 2000, SIGMOD '00.

[17]  Sushil Jajodia,et al.  Auditing Interval-Based Inference , 2002, CAiSE.

[18]  Sushil Jajodia,et al.  A Privacy-Enhanced Microaggregation Method , 2002, FoIKS.

[19]  Ramakrishnan Srikant,et al.  Privacy preserving OLAP , 2005, SIGMOD '05.

[20]  L. Cox Suppression Methodology and Statistical Disclosure Control , 1980 .

[21]  Henryk Wozniakowski,et al.  The statistical security of a statistical database , 1984, TODS.

[22]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[23]  Francesco M. Malvestuto,et al.  Auditing Sum Queries , 2003, ICDT.

[24]  Ivan P. Fellegi,et al.  On the Question of Statistical Confidentiality , 1972 .

[25]  Pierangela Samarati,et al.  Generalizing Data to Provide Anonymity when Disclosing Information , 1998, PODS 1998.

[26]  Gu Si-yang,et al.  Privacy preserving association rule mining in vertically partitioned data , 2006 .

[27]  Richard J. Lipton,et al.  Secure databases: protection against user influence , 1979, TODS.

[28]  P. Y. Chin,et al.  Security is partitioned dynamic stastical databases , 1979, COMPSAC.

[30]  Sushil Jajodia,et al.  Securing OLAP data cubes against privacy breaches , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[31]  Yingjiu Li,et al.  Practical Inference Control for Data Cubes , 2008, IEEE Transactions on Dependable and Secure Computing.

[32]  Sushil Jajodia,et al.  Checking for k-Anonymity Violation by Views , 2005, VLDB.

[33]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, CSUR.

[34]  Leland L. Beck,et al.  A security machanism for statistical database , 1980, TODS.

[35]  Peter J. Denning,et al.  The tracker: a threat to statistical database security , 1979, TODS.

[36]  Dorothy E. Denning,et al.  Inference Controls for Statistical Databases , 1983, Computer.

[37]  Nimrod Megiddo,et al.  Range queries in OLAP data cubes , 1997, SIGMOD '97.

[38]  Hamid Pirahesh,et al.  Data Cube: A Relational Aggregation Operator Generalizing Group-By, Cross-Tab, and Sub-Totals , 1996, Data Mining and Knowledge Discovery.

[39]  Graham Wrightson,et al.  Usability of compromise-free statistical databases , 1997, Proceedings. Ninth International Conference on Scientific and Statistical Database Management (Cat. No.97TB100150).

[40]  Sushil Jajodia,et al.  Cardinality-based inference control in data cubes , 2004, J. Comput. Secur..