Security problems on inference control for SUM, MAX, and MIN queries
Journal of the ACM (JACM)
Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Security of statistical databases: multidimensional transformation
ACM Transactions on Database Systems (TODS)
ACM Transactions on Database Systems (TODS)
Secure databases: protection against user influence
ACM Transactions on Database Systems (TODS)
A security machanism for statistical database
ACM Transactions on Database Systems (TODS)
A General Additive Data Perturbation Method for Database Security
Management Science
Privacy-preserving data mining
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
On the design and quantification of privacy preserving data mining algorithms
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
The statistical security of a statistical database
ACM Transactions on Database Systems (TODS)
The Cassowary linear arithmetic constraint solving algorithm
ACM Transactions on Computer-Human Interaction (TOCHI)
Partial cell suppression: A new methodology for statistical disclosure control
Statistics and Computing
Practical Data-Oriented Microaggregation for Statistical Disclosure Control
IEEE Transactions on Knowledge and Data Engineering
Auditing Interval-Based Inference
CAiSE '02 Proceedings of the 14th International Conference on Advanced Information Systems Engineering
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Transforming data to satisfy privacy constraints
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Journal of Computer and System Sciences - Special issue on PODS 2000
On the Privacy Preserving Properties of Random Data Perturbation Techniques
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
Solving the Cell Suppression Problem on Tabular Data with Linear Constraints
Management Science
Bottom-Up Generalization: A Data Mining Solution to Privacy Protection
ICDM '04 Proceedings of the Fourth IEEE International Conference on Data Mining
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Deriving private information from randomized data
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
IEEE Transactions on Knowledge and Data Engineering
Privacy Preserving Data Classification with Rotation Perturbation
ICDM '05 Proceedings of the Fifth IEEE International Conference on Data Mining
Auditing sum-queries to make a statistical database secure
ACM Transactions on Information and System Security (TISSEC)
\ell -Diversity: Privacy Beyond \kappa -Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Practical Inference Control for Data Cubes (Extended Abstract)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
On the efficiency of checking perfect privacy
Proceedings of the twenty-fifth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Towards robustness in query auditing
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
A formal analysis of information disclosure in data exchange
Journal of Computer and System Sciences
Auditing and Inference Control in Statistical Databases
IEEE Transactions on Software Engineering
Auditing compliance with a Hippocratic database
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Preventing interval-based inference by random data perturbation
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Hi-index | 0.00 |
In a database system, disclosure of confidential private data may occur if users can put together the answers of past queries. Traditional access control mechanisms cannot guard against such breaches to private data. Online auditing techniques have been advanced to limit such disclosure of private data. Essentially, before answering any query, these techniques inspect the answers of the past queries to determine whether answering this query would compromise the stated data disclosure policies. While the primary requirement for online auditing is high efficiency, existing auditing approaches are expensive with respect to both computational time and space. Specifically, this cost is excessive in the general case of auditing arbitrary aggregate queries over real-valued confidential attributes with respect to interval-based privacy disclosure. In this paper, we model this problem as the well-studied linear programming (LP) problem and propose an efficient online auditing solution for constantly monitoring the bounds of protected attributes. The previously proposed approaches in this direction repetitively employ the LP. Consequently, for each new query, they require evaluation of the entire set of answers to past queries. In this paper, we propose a novel approach to employ LP that keeps the prior evaluation state in a concise form and conducts an incremental evaluation. Basically, our approach treats the online auditing problem as a series of updation problems. Each time when a new query is issued by a user, instead of solving a new LP problem with up-to-date log of all queries, we modify the existing bounds obtained in auditing previous queries based on certain rules so as to get the updated bounds with the new query added. Since it significantly reduces the computation time and storage space, our approach offers the first practical solution for the interval-based online auditing problem. Our experimental results demonstrate that our solution is about 30 times faster than the existing solutions.