Auditing sum-queries to make a statistical database secure

Malvestuto, Francesco M.; Mezzini, Mauro; Moscarini, Marina

doi:10.1145/1127345.1127347

Cited by 32 publications

(12 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It has long believed that auditing is an effective tool for protection [5]. [7]. While the data attributes hold other information, usually numerical, for which some statistical queries may be desired such as Salary, Score, Income, etc [6].…”

Section: A Overview Of Solution Approachesmentioning

confidence: 99%

“…Also they presented an auditing procedure on such a graph and discussed the computational issues connected with its implementation. The authors in [7] focused on sum-queries with a response variable of nonnegative real type and they proposed a compact representation of answered sum-queries, called an information model in "normal form", which allows the query system to decide whether the value of a new sum-query can or cannot be safely answered. If it cannot, then the query system will issue the range of feasible values of the new sum-query consistent with previously answered sum-queries.…”

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Efficient Algorithms for the Key Representation Auditing Scheme

Elshiekh¹,

Dominic²

2009

IJCEE

View full text Add to dashboard Cite

Abstract-A statistical database (SDB) publishes statistical queries (such as sum, average, count, etc) on subsets of records. Sometimes by stitching the answers of some statistics, a malicious user (snooper) may be able to deduce confidential information about some individuals. The key representation auditing scheme is proposed to guarantee the security of online and dynamic SDBs. The core idea is to convert the original database into key representation database (KRDB), also this scheme involves converting each new user query from string representation into key representation query (KRQ), and stores it in the Audit Query table (AQ table). Three audit stages are proposed to repel the attacks of the snooper to the confidentiality of the individuals. In this paper, efficient algorithms for these stages are presented, namely the First Stage Algorithm (FSA), the Second Stage Algorithm (SSA), and the Third Stage Algorithm (TSA). These algorithms enable the key representation auditor (KRA) to conveniently specify the illegal queries which could lead to disclosing the SDB. Also, cost estimation for this scheme is performed, and we illustrate the saving in block accesses (CPU time) and storage space that are attainable when a KRDB is used.

show abstract

Section: A Overview Of Solution Approachesmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

Efficient Algorithms for the Key Representation Auditing Scheme

Elshiekh¹,

Dominic²

2009

IJCEE

View full text Add to dashboard Cite

show abstract

“…Christina Yip Chung, Michael Gertz and Karl Levitt developed DEMIDS, which is a misuse detection system for database systems tailored to relational database systems [2]. Francesco M. Malvestuto, Mauro Mezzini and Marina Moscarini propose an approach to avoid releasing summary statistics that could lead to the disclosure of confidential individual data in [4]. In [8] and [10], Sin Yeung Lee, Wai Lup Low and Pei Yuen Wong describe an algorithm that summarizes the raw transactional SQL queries into compact regular expressions.…”

Section: Related Workmentioning

confidence: 99%

Statistical and Fuzzy Approach for Database Security

Lu¹,

Yi²

2007

Fourth International Conference on Fuzzy Systems and Knowledge Discovery (FSKD 2007)

View full text Add to dashboard Cite

show abstract

“…We focus on the query restriction approach, which prevents malicious inferences by denying some unsafe queries. In particular, we deal with the on-line auditing problem [6], [8], [9], [10], [12]. With on-line auditing, queries are answered one by one, in sequence, and the auditor has to determine whether the SDB is compromised when answering a new query.…”

Section: Introductionmentioning

confidence: 99%

A Bayesian approach for on-line max auditing of dynamic statistical databases

Cavallo

2009

Proceedings of the 2009 EDBT/ICDT Workshops

View full text Add to dashboard Cite

In this paper we propose a method for on-line max auditing of dynamic statistical databases. The method extends the Bayesian approach presented in [2], [3] and [4] for static databases. A Bayesian network addresses disclosures based on probabilistic inferences that can be drawn from released data; we have developed algorithms to update the network whenever the database changes. In particular, we consider the case in which records are added or deleted, or some sensitive values change their value. The paper introduces the algorithms and discusses results of a preliminary set of of experimental trials.

show abstract

Auditing sum-queries to make a statistical database secure

Cited by 32 publications

References 22 publications

Efficient Algorithms for the Key Representation Auditing Scheme

Efficient Algorithms for the Key Representation Auditing Scheme

Statistical and Fuzzy Approach for Database Security

A Bayesian approach for on-line max auditing of dynamic statistical databases

Contact Info

Product

Resources

About