Auditing User Queries in Dynamic Statistical Databases

Chin proposed an audit scheme for inference control in statistical databases (SDBs) which can determine whether or not a query will lead to the compromise of an SDB. As Chin points out that the dynamic updates of an SDB are prohibited in this scheme because, otherwise, the time and storage requirements will become infinite. The restriction limits the use of this scheme since many SDBs need to be dynamically updated. In this paper, we propose an algorithm to remove this restriction so that updates can be allowed. We also propose an efficient audit scheme for dynamic SDBs which requires less time and storage requirements, and does not have the space explosion problem that appears in Chin's scheme.

[1]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, ACM Comput. Surv..

[2]  L. Cox Suppression Methodology and Statistical Disclosure Control , 1980 .

[3]  Gultekin Özsoyoglu,et al.  Auditing and Inference Control in Statistical Databases , 1982, IEEE Transactions on Software Engineering.

[4]  Jan Schlörer Disclosure from Statistical Databases: Quantitative Aspects of Trackers , 1980, ACM Trans. Database Syst..

[5]  Dorothy E. Denning,et al.  A Security Model for the Statistical Database Problem , 1983, SSDBM.

[6]  Dorothy E. Denning,et al.  Secure statistical databases with random sample queries , 1980, TODS.

[7]  Henryk Wozniakowski,et al.  The statistical security of a statistical database , 1984, TODS.

[8]  Richard J. Lipton,et al.  Secure databases: protection against user influence , 1979, TODS.

[9]  P. Y. Chin,et al.  Security is partitioned dynamic stastical databases , 1979, COMPSAC.

[10]  Matthew Morgenstern,et al.  Controlling logical inference in multilevel database systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[11]  Steven P. Reiss Practical Data-Swapping: The First Steps , 1980, 1980 IEEE Symposium on Security and Privacy.

[12]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[13]  Gultekin Özsoyoglu,et al.  Statistical database design , 1981, TODS.

[14]  Gultekin Özsoyoglu,et al.  On Inference Control in Semantic Data Models for Statistical Databases , 1990, J. Comput. Syst. Sci..

[15]  Dorothy E. Denning,et al.  Inference Controls for Statistical Databases , 1983, Computer.

[16]  Harry S. Delugach,et al.  Wizard: A Database Inference Analysis and Detection System , 1996, IEEE Trans. Knowl. Data Eng..

[17]  Mary McLeish,et al.  Further results on the security of partitioned dynamic statistical databases , 1989, TODS.