Auditing for secure statistical databases

  • Authors:

  • Francis Chin;Gultekin Ozsoyoglu

  • Affiliations:

  • -;-

  • Venue:
  • ACM '81 Proceedings of the ACM '81 conference
  • Year:
  • 1981

Quantified Score

Hi-index 0.00

Visualization

Abstract

A statistical database (SDB) is an ordinary database that returns statistical information to user queries. The security problem for the SDB is to control the use of the SDB so that only statistical information is available and no sequence of queries is sufficient to infer protected information about any individual. When such information is obtained, the SDB is said to be compromised. Many researchers have studied different protection mechanisms to prevent an SDB from being compromised. However, most of these mechanisms are either ineffective or inefficient or are only applicable to large SDBs. Auditing in SDBs is initially proposed in the form of investigating log trails manually. In this paper, we present a practical technique for managing the past history of user's queries, discuss how the sequence of all the answered queries of the SDB can be reduced and stored in finite storage, and describe how this storage scheme can provide an effective way of checking compromise. We believe that this will help us to develop a more practical and efficient tool for protection in a small SDB than the previously known mechanisms. We also extend the idea to batched queries and a more general environment for better protection and performance. We also state that the problem of maximizing the amount of information to the users without compromising the SDB is NP-complete.