Secure databases: protection against user influence
ACM Transactions on Database Systems (TODS)
The tracker: a threat to statistical database security
ACM Transactions on Database Systems (TODS)
Linear queries in statistical databases
ACM Transactions on Database Systems (TODS)
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
A transformational grammar-based query processor for access control in a planning system
ACM Transactions on Database Systems (TODS)
Third Generation Computer Systems
ACM Computing Surveys (CSUR)
Fault Tolerant Operating Systems
ACM Computing Surveys (CSUR)
Operating System Structures to Support Security and Reliable Software
ACM Computing Surveys (CSUR)
ACM Computing Surveys (CSUR)
Symmetric and Asymmetric Encryption
ACM Computing Surveys (CSUR)
Secure personal computing in an insecure network
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
A model for verification of data security in operating systems
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Security Kernel validation in practice
Communications of the ACM
Protection in operating systems
Communications of the ACM
Communications of the ACM
A user authentication scheme not requiring secrecy in the computer
Communications of the ACM
A hardware architecture for implementing protection rings
Communications of the ACM
On the implementation of security measures in information systems
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
A study on the protection of statistical data bases
SIGMOD '77 Proceedings of the 1977 ACM SIGMOD international conference on Management of data
Advances in Computer Architecture
Advances in Computer Architecture
Time Sharing Computer Systems
Foundations of Secure Computation
Foundations of Secure Computation
Design Issues for Secure Computer Networks
Operating Systems, An Advanced Course
Operating Systems, An Advanced Course
ACM SIGOPS Operating Systems Review
Some security principles and their application to computer security
ACM SIGOPS Operating Systems Review
Full protection specifications in the semantic model for database protection languages
ACM '76 Proceedings of the 1976 annual conference
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
A comment on the confinement problem
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The Cambridge CAP computer and its protection system
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
The Multics kernel design project
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
Information transmission in computational systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
On the synthesis and analysis of protection systems
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
A language extension for controlling access to shared data
ICSE '76 Proceedings of the 2nd international conference on Software engineering
Structured specification of a Security Kernel
Proceedings of the international conference on Reliable software
Access control in a relational data base management system by query modification
ACM '74 Proceedings of the 1974 annual conference - Volume 1
Functionality and performance in capability-based operating systems.
Functionality and performance in capability-based operating systems.
Computer system organization: The B5700/B6700 series (ACM monograph series)
Computer system organization: The B5700/B6700 series (ACM monograph series)
The multics system: an examination of its structure
The multics system: an examination of its structure
A data distortion by probability distribution
ACM Transactions on Database Systems (TODS)
Communications of the ACM
The NTree: a two dimension partial order for protection groups
ACM Transactions on Computer Systems (TOCS)
Recognizing Immediacy in an N-Tree Hierarchy and its Application to Protection Groups
IEEE Transactions on Software Engineering
A Model for Multilevel Security in Computer Networks
IEEE Transactions on Software Engineering
A hierarchical single-key-lock access control using the Chinese remainder theorem
SAC '92 Proceedings of the 1992 ACM/SIGAPP Symposium on Applied computing: technological challenges of the 1990's
CIKM '93 Proceedings of the second international conference on Information and knowledge management
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
Secure statistical databases with random sample queries
ACM Transactions on Database Systems (TODS)
Formal Models for Computer Security
ACM Computing Surveys (CSUR)
Implicit coscheduling: coordinated scheduling with implicit information in distributed systems
ACM Transactions on Computer Systems (TOCS)
A Framework for Analysis of Data Quality Research
IEEE Transactions on Knowledge and Data Engineering
Auditing Interval-Based Inference
CAiSE '02 Proceedings of the 14th International Conference on Advanced Information Systems Engineering
Security against Inference Attacks on Negative Information in Object-Oriented Databases
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Cardinality-Based Inference Control in Sum-Only Data Cubes
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Mobile Agents and Security
Security and protection of data in the IBM System/38
ISCA '80 Proceedings of the 7th annual symposium on Computer Architecture
Assessing global disclosure risk in masked microdata
Proceedings of the 2004 ACM workshop on Privacy in the electronic society
A seminar in computer audit and control systems
ACM SIGSAC Review - Fertile topics in security, audit, and control
Cardinality-based inference control in data cubes
Journal of Computer Security
Protecting sensitive patient data via query modification
Proceedings of the 2005 ACM symposium on Applied computing
Units and accuracy in statistical databases
SSDBM'81 Proceedings of the 1st LBL Workshop on Statistical database management
Statistical databases: their model, query language and security
SSDBM'83 Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management
On tracker attacks in health grids
Proceedings of the 2006 ACM symposium on Applied computing
The iAPX 286 protection architecture
ACM SIGSMALL Newsletter
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Privacy and e-commerce: a consumer-centric perspective
Electronic Commerce Research
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Parity-based inference control for multi-dimensional range sum queries
Journal of Computer Security
Effective inference control mechanisms for securing statistical databases
AFIPS '81 Proceedings of the May 4-7, 1981, national computer conference
Data base security: requirements, policies, and models
IBM Systems Journal
Security considerations for personal computers
IBM Systems Journal
An overview of computer security
IBM Systems Journal
Preventing interval-based inference by random data perturbation
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Software—Practice & Experience - Focus on Selected PhD Literature Reviews in the Practical Aspects of Software Technology
The challenge of data and application security and privacy (DASPY): are we up to it
Proceedings of the first ACM conference on Data and application security and privacy
On deducibility and anonymisation in medical databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Security policy enforcement through refinement process
B'07 Proceedings of the 7th international conference on Formal Specification and Development in B
Analysis of the communication between colluding applications on modern smartphones
Proceedings of the 28th Annual Computer Security Applications Conference
Hi-index | 0.02 |
The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest in the technical safeguards for data. There are four kinds of safeguards, each related to but distinct from the others. Access controls regulate which users may enter the system and subsequently which data sets an active user may read or write. Flow controls regulate the dissemination of values among the data sets accessible to a user. Inference controls protect statistical databases by preventing questioners from deducing confidential information by posing carefully designed sequences of statistical queries and correlating the responses. Statistical data banks are much less secure than most people believe. Data encryption attempts to prevent unauthorized disclosure of confidential information in transit or in storage. This paper describes the general nature of controls of each type, the kinds of problems they can and cannot solve, and their inherent limitations and weaknesses. The paper is intended for a general audience with little background in the area.