A data distortion by probability distribution
ACM Transactions on Database Systems (TODS)
Security problems on inference control for SUM, MAX, and MIN queries
Journal of the ACM (JACM)
Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
ACM Transactions on Database Systems (TODS)
Secure databases: protection against user influence
ACM Transactions on Database Systems (TODS)
The tracker: a threat to statistical database security
ACM Transactions on Database Systems (TODS)
Secure statistical databases with random sample queries
ACM Transactions on Database Systems (TODS)
A security machanism for statistical database
ACM Transactions on Database Systems (TODS)
Security of statistical databases: multidimensional transformation
ACM Transactions on Database Systems (TODS)
PODS '00 Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
The statistical security of a statistical database
ACM Transactions on Database Systems (TODS)
A study on the protection of statistical data bases
SIGMOD '77 Proceedings of the 1977 ACM SIGMOD international conference on Management of data
Concurrent and Real Time Systems: The CSP Approach
Concurrent and Real Time Systems: The CSP Approach
Fair use, DRM, and trusted computing
Communications of the ACM - Digital rights management
Information Loss in the Lattice Model of Summary Tables due to Cell Suppression
Proceedings of the Second International Conference on Data Engineering
ICDT '03 Proceedings of the 9th International Conference on Database Theory
An Analytic Approach to Statistical Databases
VLDB '83 Proceedings of the 9th International Conference on Very Large Data Bases
Auditing Interval-Based Inference
CAiSE '02 Proceedings of the 14th International Conference on Advanced Information Systems Engineering
A Model of Summary Data and its Applications in Statistical Databases
Proceedings of the 4th International Working Conference SSDBM on Statistical and Scientific Database Management
Cardinality-Based Inference Control in Sum-Only Data Cubes
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Verifying authentication protocols with CSP
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Practical server privacy with secure coprocessors
IBM Systems Journal - End-to-end security
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Protecting Client Privacy with Trusted Computing at the Server
IEEE Security and Privacy
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Automated cell suppression to preserve confidentiality of business statistics
SSDBM'83 Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management
A security model for the statistical database problem
SSDBM'83 Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management
Practical Inference Control for Data Cubes (Extended Abstract)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Auditing and Inference Control in Statistical Databases
IEEE Transactions on Software Engineering
A model-theoretic approach to data anonymity and inference control
Proceedings of the second ACM conference on Data and Application Security and Privacy
| Hi-index | 0.00 |
The database server is a crucial bottleneck in traditional inference control architecture, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, can never be implemented in practice for protecting largescale real-world database systems. To shift this paradigm, we propose a new inference control architecture that will entrust inference control to each users platform, provided that the platform is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a users platform to the database server, so as to assure the server that inference control could be enforced as expected. A generic protocol is proposed to formalize the interactions between the users platform and database server. Any existing inference control technique can work with our protocol, for which the security properties are formally proven. Since each user's platform enforces inference control for its own queries, our solution avoids the bottleneck.