Updating derived relations: detecting irrelevant and autonomously computable updates
ACM Transactions on Database Systems (TODS)
Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Constraint checking with partial information
PODS '94 Proceedings of the thirteenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Database security: research and practice
Information Systems
Probabilistic frame-based systems
AAAI '98/IAAI '98 Proceedings of the fifteenth national/tenth conference on Artificial intelligence/Innovative applications of artificial intelligence
Independence of logic database queries and update
PODS '90 Proceedings of the ninth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Algebraic versus probabilstic independence in data bases
PODS '85 Proceedings of the fourth ACM SIGACT-SIGMOD symposium on Principles of database systems
Selectivity estimation using probabilistic models
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Cryptography and data security
Cryptography and data security
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Queries Independent of Updates
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
Answering queries using views: A survey
The VLDB Journal — The International Journal on Very Large Data Bases
Limiting privacy breaches in privacy preserving data mining
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Information sharing across private databases
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
A formal analysis of information disclosure in data exchange
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Secure XML publishing without information leakage in the presence of data inference
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Privacy in database publishing
ICDT'05 Proceedings of the 10th international conference on Database Theory
Asymptotic conditional probabilities for conjunctive queries
ICDT'05 Proceedings of the 10th international conference on Database Theory
A Unified Audit Expression Model for Auditing SQL Queries
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Auditing Inference Based Disclosures in Dynamic Databases
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Approximate lineage for probabilistic databases
Proceedings of the VLDB Endowment
Detecting privacy violations in database publishing using disjoint queries
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
An efficient online auditing approach to limit private data disclosure
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
Privacy-Preserving Query Answering in Logic-based Information Systems
Proceedings of the 2008 conference on ECAI 2008: 18th European Conference on Artificial Intelligence
Verification of the security against inference attacks on XML databases
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Proceedings of the 9th annual ACM workshop on Privacy in the electronic society
Queries and materialized views on probabilistic databases
Journal of Computer and System Sciences
Determining relevance of accesses at runtime
Proceedings of the thirtieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Efficient auditing for complex SQL queries
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Theoretical Computer Science
Design by example for SQL table definitions with functional dependencies
The VLDB Journal — The International Journal on Very Large Data Bases
Competitive privacy: secure analysis on integrated sequence data
DASFAA'10 Proceedings of the 15th international conference on Database Systems for Advanced Applications - Volume Part II
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Characterisations of multivalued dependency implication over undetermined universes
Journal of Computer and System Sciences
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Fine-grained disclosure control for app ecosystems
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Denials leak information: Simulatable auditing
Journal of Computer and System Sciences
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Hi-index | 0.00 |
We perform a theoretical study of the following query-view security problem: given a view V to be published, does V logically disclose information about a confidential query S? The problem is motivated by the need to manage the risk of unintended information disclosure in today's world of universal data exchange. We present a novel information-theoretic standard for query-view security. This criterion can be used to provide a precise analysis of information disclosure for a host of data exchange scenarios, including multi-party collusion and the use of outside knowledge by an adversary trying to learn privileged facts about the database. We prove a number of theoretical results for deciding security according to this standard. We also generalize our security criterion to account for prior knowledge a user or adversary may possess, and introduce techniques for measuring the magnitude of partial disclosures. We believe these results can be a foundation for practical efforts to secure data exchange frameworks, and also illuminate a nice interaction between logic and probability theory.