Inference Detection and Database Security for a Business Environment

The number of data collections of person-specific information is increasing exponentially. The risks of compromising privacy are also increasing, but can be limited through data anonymity and data security. Security models, developed for databases, differ in many aspects because they focus on different features of the problem, leading to incomplete implementations of the organizational security strategy. Our paper presents a multi-layer approach to data anonymity and database security, covering the entire process from inference detection to secure communication and database integrity. This approach is useful for protecting sensitive data and assuring in-depth mitigation of different possible attacks.

[1]  Latanya Sweeney,et al.  Achieving k-Anonymity Privacy Protection Using Generalization and Suppression , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[2]  Wesley W. Chu,et al.  Database Security Protection Via Inference Detection , 2006, ISI.

[3]  Shinsaku Kiyomoto,et al.  Data Anonymity in Multi-Party Service Model , 2011, FGIT-SecTech.

[4]  Karl N. Levitt,et al.  Data level inference detection in database systems , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[5]  Forrest Shull,et al.  Assessing the Quality Impact of Design Inspections , 2007, ESEM 2007.

[6]  Meg Murray,et al.  Database Security: What Students Need to Know , 2010, J. Inf. Technol. Educ. Innov. Pract..

[7]  Ton de Waal,et al.  Statistical Disclosure Control in Practice , 1996 .

[8]  Karl N. Levitt,et al.  A data-level database inference detection system , 1998 .

[9]  Zongkai Yang,et al.  A secure database encryption scheme , 2004, Second IEEE Consumer Communications and Networking Conference, 2005. CCNC. 2005.

[10]  Mário Guimarães New challenges in teaching database security , 2006, InfoSecCD '06.

[11]  Gerardo Canfora,et al.  Tuning anonymity level for assuring high data quality: an empirical study. , 2007, First International Symposium on Empirical Software Engineering and Measurement (ESEM 2007).

[12]  Sheng Zhong,et al.  Anonymity-preserving data collection , 2005, KDD '05.

[13]  Yanhua Pan Research on network database encryption technology , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.