Verification of the security against inference attacks on XML databases

Authors:
Kenji Hashimoto;Fumikazu Takasuka;Kimihide Sakano;Yasunori Ishihara;Toru Fujiwara
Affiliations:
Graduate School of Information Science and Technology, Osaka University, Suita, Osaka, Japan;Graduate School of Information Science and Technology, Osaka University, Suita, Osaka, Japan;Graduate School of Information Science and Technology, Osaka University, Suita, Osaka, Japan;Graduate School of Information Science and Technology, Osaka University, Suita, Osaka, Japan;Graduate School of Information Science and Technology, Osaka University, Suita, Osaka, Japan
Venue:
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Year:
2008

Citing 13
Cited 0

Security and inference in multilevel database and knowledge-base systems

SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
The XML typechecking problem

ACM SIGMOD Record
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures

IEEE Transactions on Knowledge and Data Engineering
IRI: A Quantitative Approach to Inference Analysis in Relational Databases

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Entropy-Based Framework for Database Inference

IH '99 Proceedings of the Third International Workshop on Information Hiding
k-anonymity: a model for protecting privacy

International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
The inference problem and updates in relational databases

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Secure XML querying with security views

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
\ell -Diversity: Privacy Beyond \kappa -Anonymity

ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Personalized privacy preservation

Proceedings of the 2006 ACM SIGMOD international conference on Management of data
A formal analysis of information disclosure in data exchange

Journal of Computer and System Sciences
Secure XML publishing without information leakage in the presence of data inference

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Privacy in database publishing

ICDT'05 Proceedings of the 10th international conference on Database Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

A verification framework for the security against inference attacks on XML databases is proposed. The framework treats a concept called k-secrecy with an integer k 1 (or k = ∞), which means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. The security verification methods proposed in the framework are applicable to practical cases where authorized queries extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Also, using experimental results of prototype systems, we discuss time efficiency of the proposed verification methods.