Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
An Integrated Framework for Database Privacy Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Confidentiality Policies and Their Enforcement for Controlled Query Evaluation
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge Discovery
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Auditing and inference control for privacy preservation in uncertain environments
EuroSSC'06 Proceedings of the First European conference on Smart Sensing and Context
| Hi-index | 0.00 |
Traditional access control models protect sensitive data from unauthorised direct accesses; however, they fail to prevent indirect inferences. Information disclosure via inference channels occurs when secret information is derived from unclassified non-secure information and other sources like metadata and public observations. Previously, techniques using precise and fuzzy functional dependencies were proposed to detect inference channels. However, such methods are inappropriate when probabilistic relationships exist among data items that may be used to infer information with a predictable likelihood of accuracy. In this paper, the authors present definitions and algorithms for detecting inference channels in a probabilistic knowledge base and maximising an attacker's uncertainty by restricting selected inference channels to comply with data confidentiality and privacy requirements. As an illustration, a healthcare scenario is used to show how inference control can be performed on probabilistic relations to address patients' privacy concerns over Electronic Medical Records. To limit an attacker's ability to know secret data selected inference channels are restricted by using a Bayesian network that incorporates the information stored within a medical knowledge base to decide which facts must be hidden to limit undesired inferences.