article

Free access

Further results on the security of partitioned dynamic statistical databases

Editor: Gio Wiederhold Author:

Mary McLeishAuthors Info & Claims

ACM Transactions on Database Systems (TODS), Volume 14, Issue 1

Pages 98 - 113

https://doi.org/10.1145/62032.62036

Published: 01 March 1989 Publication History

PDF eReader

Abstract

Partitioning is a highly secure approach to protecting statistical databases. When updates are introduced, security depends on putting restrictions on the sizes of partition sets which may be queried. To overcome this problem, attempts have been made to add “dummy” records. Recent work has shown that this leads to high information loss.

This paper reconsiders the restrictions on the size of partitioning sets required to achieve a high level of security. Updates of two records at a time were studied earlier, and security was found to hold if the sizes of the partition sets were kept even. In this paper an extended model is presented, allowing very general updates to be performed. The security problem is thoroughly studied, giving if and only if conditions. The earlier result is shown to be part of a corollary to the main theorem of this paper. Alternatives to adding dummy records are presented and the practical implications of the theory for the database manager are discussed.

References

[1]

BECK, L. A security mechanism for statistical databases. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 316-338.

Digital Library

Google Scholar

[2]

CAMPBELL, H. G. An Introduction to Matrices, Vectors, and Linear Programming. Meredith, New York, 1968.

Google Scholar

[3]

CHIN, F.Y. Security in statistical databases for queries with small counts. ACM Trans. Database Syst. 3, 1 (Mar. 1978), 92-104.

Digital Library

Google Scholar

[4]

CHIN, F., AND ()ZSOYOSLU, G. Security in partitioned dynamic statistical databases. In Proceedings of the IEEE COMPSAC Conference, IEEE, New York, 1979, 594-601.

Google Scholar

[5]

CHIN, F., AND 0ZSOYO(~LU, G. Statistical database design. ACM Trans. Database Syst. 6, 1 (Mar. 1981), 113-139.

Digital Library

Google Scholar

[6]

DEMILLO, R., AND DOBKIN, D. Recent progress in secure computation. Tech. Rep. GIT-ICS- 78, Georgia Institute of Technology, 1978.

Crossref

Google Scholar

[7]

DENNXNG, D. Secure statistical databases with random sample queries. ACM Trans. Database Syst. 5, 3 (Sept. 1980), 291-315.

Digital Library

Google Scholar

[8]

DENNING, D., AND SCHLORER, J. A fast procedure for finding a tracker in a statistical database. ACM Trans. Database Syst. 5, 1 {Mar. 1980), 88-102.

Digital Library

Google Scholar

[9]

DENNING, D., SCHLORER, J., AND WEHRLE, E. Memoryless inference controls for statistical databases. Submitted A CM Trans. Database Syst.

Google Scholar

[10]

DF, JONGE, W. Comprising statistical databases responding to queries about means. Vakgroep Informatica, Vrije Univ., Amsterdam, Jan. 1981.

Google Scholar

[11]

DOBKIN, D., JONES, A. K., AND LIPTON, R. J. Secure databases: Protection against user influence. ACM Trans. Database Syst. 4, 1 {Mar. 1979), 97-106.

Digital Library

Google Scholar

[12]

FELLEGI, I. P., AND PHILLIPS, J.L. Statistical confidentiality: Some theory and applications to data dissemination. Ann. Econ. Soc. Measure. 3 (1974), 399-409.

Google Scholar

[13]

HAQ, M.I. Insuring individual's privacy from statistical data base users. In Proceedings of the AFIPS National Computer Conference, Vol. 44, 1975, 941-946.

Google Scholar

[14]

HOFFMAN, K., AND KUNZE, R. Linear Algebra. Prentice-Hall, Englewood Cliffs, N.J., 1971.

Google Scholar

[15]

KAM, J., AND ULLMAN, J. A model of statistical databases and their security. ACM Trans. Database Syst. 2, 1 {Mar. 1977), 1-10.

Digital Library

Google Scholar

[16]

MCLEISH, M. Security issues for dynamic statistical databases. In Proceedings of the 15th Symposium on the Interface. North Holland, Amsterdam, 1983, 355-360.

Google Scholar

[17]

MCLEISH, M. An information theoretic approach to statistical databases and their security. In Proceedings of the Second International Workshop on Statistical Database Management (Los Altos, Calif., Sept. 1983). National Technical Service, 1983, 355-359.

Digital Library

Google Scholar

[18]

MCLEISH, M. Inference controls for intelligent databases. In Proceedings of the 1985 Conference on Intelligent Systems and Machines (Oakland, Mich., Apr. 1985). Oakland University Press, Oakland, Mich., 1985, 71-75.

Google Scholar

[19]

MCLEISH, M. Prior knowledge and the security of a dynamic statistical database. In Proceedings of the Third International Workshop on Statistical and Scientific Database Management (Luxembourg, July, 1986). EUROSTAT, 1986, 302-306.

Digital Library

Google Scholar

[20]

OZSOYOGLU, G. Secure statistical database design. Ph.D. dissertation, Dept. of Computing Science, Univ. of Alberta, Aug. 1980.

Google Scholar

[21]

OZSOYOGLU, G., AND OZSOYOGLU, Z.M. Update handling techniques in statistical databases. In Proceedings of the First LBL Workshop on Statistical Database Management (1981), 249-284.

Digital Library

Google Scholar

[22]

REINS, S.P. Security in databases: A combinatorial study. J. ACM 26 (1979), 45-57.

Digital Library

Google Scholar

[23]

SCHLORER, J. Security of statistical databases: Multi-dimensional transformation. ACM Trans. Database Syst. 6, 1 (Mar. 1981), 95-112.

Digital Library

Google Scholar

[24]

SCHLORER, J. Information loss in partioned statistical databases. Comput. J. 26, 3 (1983), 218-223.

Crossref

Google Scholar

[25]

SCHWARZ, M. D., DENNING, D. E., AND DENNING, P.J. Linear queries in statistical databases. ACM Trans. Database Syst. (June 1979), 156-167.

Digital Library

Google Scholar

[26]

TRAUn, J. F., YEMINI, Y., WOZNIAKOWSKI, H. The statistical security of a statistical database. ACM Trans. Database Syst. 9, 4 (Dec. 1984), 672-679.

Digital Library

Google Scholar

[27]

ULLMAN, J. The Principles of Database Systems. 2nd ed., Computer Science Press, Rockville, Md., 1982.

Digital Library

Google Scholar

[28]

Yu, D. T., AND CHIN, F. A study of the protection of statistical databases. ACM SIGMOD Conf., pp. 169-181 (1977).

Digital Library

Google Scholar

Cited By

View all

Beaubouef TPetry F(2013)Incorporating Rough Data in Database Design for Imprecise Information RepresentationRough Sets and Intelligent Systems - Professor Zdzisław Pawlak in Memoriam10.1007/978-3-642-30341-8_8(137-155)Online publication date: 2013
https://doi.org/10.1007/978-3-642-30341-8_8
Lakhal LCicchetti R(2011)STAR$^+$, un langage de manipulation de résumés statistiques structurésRAIRO - Operations Research10.1051/ro/199024040365124:4(365-432)Online publication date: 29-Mar-2011
https://doi.org/10.1051/ro/1990240403651
Beaubouef TPetry F(2010)Database security issues in rough relational databases2010 42nd Southeastern Symposium on System Theory (SSST 2010)10.1109/SSST.2010.5442811(352-356)Online publication date: Mar-2010
https://doi.org/10.1109/SSST.2010.5442811
Show More Cited By

Index Terms

Further results on the security of partitioned dynamic statistical databases

Recommendations

Multilevel Security for Relational Databases
Auditing user queries in dynamic statistical databases

Chin proposed an audit scheme for inference control in statistical databases (SDBs) which can determine whether or not a query will lead to the compromise of an SDB. As Chin points out that the dynamic updates of an SDB are prohibited in this scheme ...
Security Issues in Databases
FITME '09: Proceedings of the 2009 Second International Conference on Future Information Technology and Management Engineering

Security models, developed for databases, differ in many aspects because they focus on different features of the database security problem or because they make different assumptions about what constitutes a secure database. This leads to disjointed and ...

Reviews

Reviewer: Catherine Ann Meadows

A statistical database is one in which only statistics on data are released. In most cases, the actual data are to be kept confidential; queries must therefore be answered selectively so that individual records are not revealed. One way of accomplishing this task is to partition a relation and only reveal statistics on entire partitions. But when a database can be updated, this technique alone is not safe. In this paper McLeish provides a complete characterization of the kinds of sequences of insertions and deletions that may occur between queries in order for the database to remain safe (but these sequences can be assumed safe only when the statistics in question are count and sum). She also presents an algorithm for determining whether or not these conditions have been met. Her results are a considerable advance upon earlier work on this problem. It should be noted that McLeish only considers the protection of individual records; thus her conditions do not prevent a database from revealing, for example, the sum or difference of two data items. It would be interesting to see if her work could be extended to the case in which one wants to prevent the release not only of individual records but also of statistics over sets of a given size.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Database Systems

ACM Transactions on Database Systems Volume 14, Issue 1

March 1989

146 pages

ISSN:0362-5915

EISSN:1557-4644

DOI:10.1145/62032

Editor:
Gio Wiederhold
Computer Science Department, Stanford University, Stanford, CA

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 March 1989

Published in TODS Volume 14, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
617
Total Downloads

Downloads (Last 12 months)19
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Beaubouef TPetry F(2013)Incorporating Rough Data in Database Design for Imprecise Information RepresentationRough Sets and Intelligent Systems - Professor Zdzisław Pawlak in Memoriam10.1007/978-3-642-30341-8_8(137-155)Online publication date: 2013
https://doi.org/10.1007/978-3-642-30341-8_8
Lakhal LCicchetti R(2011)STAR$^+$, un langage de manipulation de résumés statistiques structurésRAIRO - Operations Research10.1051/ro/199024040365124:4(365-432)Online publication date: 29-Mar-2011
https://doi.org/10.1051/ro/1990240403651
Beaubouef TPetry F(2010)Database security issues in rough relational databases2010 42nd Southeastern Symposium on System Theory (SSST 2010)10.1109/SSST.2010.5442811(352-356)Online publication date: Mar-2010
https://doi.org/10.1109/SSST.2010.5442811
Yanan Wang Jinge San Lingling Si Guoli Yu (2010)The study on security issues in imprecise databases based on rough set theory2010 International Conference on Educational and Network Technology10.1109/ICENT.2010.5532253(509-512)Online publication date: Jun-2010
https://doi.org/10.1109/ICENT.2010.5532253
Canfora GCavallo B(2009)A Bayesian approach for on-line max auditing of dynamic statistical databasesProceedings of the 2009 EDBT/ICDT Workshops10.1145/1698790.1698809(107-116)Online publication date: 22-Mar-2009
https://dl.acm.org/doi/10.1145/1698790.1698809
Du TWang FRo J(2002)The effect of the Bootstrap method on additive fixed data perturbation in statistical databaseOmega10.1016/S0305-0483(02)00055-530:5(367-379)Online publication date: Oct-2002
https://doi.org/10.1016/S0305-0483(02)00055-5
Shieh SLin C(1999)Auditing user queries in dynamic statistical databasesInformation Sciences10.1016/S0020-0255(98)10044-0113:1-2(131-146)Online publication date: Jan-1999
https://doi.org/10.1016/S0020-0255(98)10044-0
Möncke U(1999)Sicherheit im Data Warehouse Profilbildung und AnonymitätDatenschutz und Datensicherheit10.1007/978-3-322-89109-9_3(30-59)Online publication date: 1999
https://doi.org/10.1007/978-3-322-89109-9_3

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Multilevel Security for Relational Databases

Auditing user queries in dynamic statistical databases

Security Issues in Databases

Reviews

Access critical reviews of Computing literature here

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations