ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Statistical database design
Full text PdfPdf (1.96 MB)
Source ACM Transactions on Database Systems (TODS) archive
Volume 6 ,  Issue 1  (March 1981) table of contents
Pages: 113 - 139  
Year of Publication: 1981
ISSN:0362-5915
Authors
Francis Y. Chin  Univ. of Alberta, Alta., Canada
Gultekin Ozsoyoglu  Univ. of Alberta, Alta., Canada
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 18,   Downloads (12 Months): 79,   Citation Count: 20
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/319540.319558
What is a DOI?

ABSTRACT

The security problem of a statistical database is to limit the use of the database so that no sequence of statistical queries is sufficient to deduce confidential or private information. In this paper it is suggested that the problem be investigated at the conceptual data model level. The design of a statistical database should utilize a statistical security management facility to enforce the security constraints at the conceptual model level. Information revealed to users is well defined in the sense that it can at most be reduced to nondecomposable information involving a group of individuals. In addition, the design also takes into consideration means of storing the query information for auditing purposes, changes in the database, users' knowledge, and some security measures.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
ACHUGBUE, J.D., AND CHIN, F.Y. The effectiveness of output modification by rounding for protection of statistical databases. INFOR 17, 3 (1979), 209-218.
 
2
Alfred V. Aho , John E. Hopcroft, The Design and Analysis of Computer Algorithms, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1974
3
Peter Pin-Shan Chen, The entity-relationship model—toward a unified view of data, ACM Transactions on Database Systems (TODS), v.1 n.1, p.9-36, March 1976  [doi>10.1145/320434.320440]
4
Francis Y. Chin, Security in statistical databases for queries with small counts, ACM Transactions on Database Systems (TODS), v.3 n.1, p.92-104, March 1978  [doi>10.1145/320241.320250]
 
5
CHIN, F.Y., AND OZSOYOGLU, G. Security in partitioned dynamic statistical databases. Proc. IEEE COMPSAC Conf., 1979, pp. 594-601.
 
6
CHIN, F.Y., AND OZSOYOGLU, G. Security of statistical databases. Dep. Computing Science, Univ. Alberta, Edmonton, Alberta, Canada, 1979.
7
E. F. Codd, A relational model of data for large shared data banks, Communications of the ACM, v.13 n.6, p.377-387, June 1970  [doi>10.1145/362384.362685]
 
8
CODD, E.F. Recent investigations in relational database systems. Information Processing 74, North-Holland Pub. Co., Amsterdam, 1974, pp. 1017-1021.
9
E. F. Codd, Extending the database relational model to capture more meaning, ACM Transactions on Database Systems (TODS), v.4 n.4, p.397-434, Dec. 1979  [doi>10.1145/320107.320109]
 
10
DAVIDA, G., AND ROCHELEAU, R. Compromising a database using MEAN queries of variable length. TR-CS-77-2, Univ. Wisconsin, Milwaukee, Wisc., 1976.
 
11
DEMILLO, R.A., AND DOBKIN, D. Recent progress in secure computation. IEEE 2nd int. Conf. Computer Software and Applications, 1978.
 
12
DEMILLO, R., DOBI~N, D., AND LIPTON, R.J. Even databases that lie can be compromised. IEEE Trans Soflw. Eng. SE-4, 1 (1978), 73-75.
 
13
DENNING, D.E. Are statistical databases secure? Tech. Rep., Computer Sciences Dep., Purdue Univ., W. Lafayette, Ind., 1977.
 
14
DENNING, D.E. Secure statistical databases with random sample queries. Computer Sciences Dep., Purdue Univ., W. Lafayette, Ind., 1979.
15
Dorothy E. Denning , Peter J. Denning , Mayer D. Schwartz, The tracker: a threat to statistical database security, ACM Transactions on Database Systems (TODS), v.4 n.1, p.76-96, March 1979  [doi>10.1145/320064.320069]
16
David Dobkin , Anita K. Jones , Richard J. Lipton, Secure databases: protection against user influence, ACM Transactions on Database Systems (TODS), v.4 n.1, p.97-106, March 1979  [doi>10.1145/320064.320068]
 
17
DOBKIN, D., LIPTON, R.J., AND REISS, S.P. Aspects of the database security problem. Proc. Conf. Theoretical Computer Science, Waterloo, Canada, 1977.
 
18
FELLEGI, I.P., AND PHILLIPS, J.L. Statistical confidentiality: Some theory and applications to data dissemination. Ann. Econ. Soc. Meas. 3, 2 {1972), 399-409.
 
19
HAMMER, M.M., AND McLEOD, D.J. Semantic integrity in a relational database system. Proc. Very Large Databases, 1975, pp. 25-47.
 
20
HANSEN, M.H. Insuring confidentiality of individual records in data storage and retrieval for statistical purposes. Proc. AFIPS I971 FJCC, vol. 39, AFIPS Press, Arlington, Va., pp. 579-585.
 
21
HOFFMAN, L.J. Modern Methods for Computer Security and Privacy. Prentice-Hall, Englewood Cliffs, N.J., 1977.
 
22
HOFFMAN, L.J., AND MILLER, W.F. Getting a personel dossier from a statistical data bank. Datamation 16, 5 (May 1970), 74-75.
23
John B. Kam , Jeffrey D. Ullman, A model of statistical database their security, ACM Transactions on Database Systems (TODS), v.2 n.1, p.1-10, March 1977  [doi>10.1145/320521.320525]
 
24
Larry Kerschberg , Anthony C. Klug , Dennis Tsichritzis, A Taxonomy of Data Models, Systems for Large Data Bases, p.43-64, September 08-10, 1976
 
25
NISSSEN, G.M. (ED.) IFIP Working Conf. Modelling in Data Base Management Systems, Proceedings, North-Holland, 1976.
 
26
OZSOYOGLU, G., AND CHIN, F.Y. Enhancing the security of statistical databases with a questionanswering system and a kernel design. Tech. Rep., Dep. Computing Science, Univ. Alberta, Edmonton, Alberta, Canada, 1979.
27
Steven P. Reiss, Security in Databases: A Combinatorial Study, Journal of the ACM (JACM), v.26 n.1, p.45-57, Jan. 1979  [doi>10.1145/322108.322113]
 
28
SchlSrer, J. Identification and retrieval of personnel records from a statistical data bank. Methods Inf. in Med. 14, 1 {Jan. 1975), 7-13.
 
29
SCHLt}RER, J. Confidentiality of statistical records: A threat monitoring scheme for on-line dialogue. Methods Inf. in Med. 15, 1 (Jan. 1976), 36-42.
 
30
SCHLt}aER, J. Union tracker and open statistical databases. Rep. TB-IMSD 1/78, Inst. Medizinische Statistik und Dokumentation, Univ. Giessen, Giessen, W. Germany, June 1978.
 
31
SCHWARTZ, M.D., DENNING, D.E., AND DENNING, P.J. Linear queries in statistical databases. CSD-TR-216, Computer Sciences Dep., Purdue Univ., W. Lafayette, Ind., 1976.
32
John Miles Smith , Diane C. P. Smith, Database abstractions: aggregation, Communications of the ACM, v.20 n.6, p.405-413, June 1977  [doi>10.1145/359605.359620]
33
John Miles Smith , Diane C. P. Smith, Database abstractions: aggregation and generalization, ACM Transactions on Database Systems (TODS), v.2 n.2, p.105-133, June 1977  [doi>10.1145/320544.320546]
 
34
PRIVACY ACT OF 1974. Title 5, United States Code, Section 552a (Public Law 93-579), 1974.
35
C. T. Yu , F. Y. Chin, A study on the protection of statistical data bases, Proceedings of the 1977 ACM SIGMOD international conference on Management of data, August 03-05, 1977, Toronto, Ontario, Canada  [doi>10.1145/509404.509432]

CITED BY  20
Francis Chin, Security problems on inference control for SUM, MAX, and MIN queries, Journal of the ACM (JACM), v.33 n.3, p.451-464, July 1986
D. S. Rogers , E. A. Unger, A deterrent to linear system inferential attacks using a mediator, Proceedings of the 1994 ACM symposium on Applied computing, p.15-19, March 06-08, 1994, Phoenix, Arizona, United States
Mary McLeish, Further results on the security of partitioned dynamic statistical databases, ACM Transactions on Database Systems (TODS), v.14 n.1, p.98-113, March 1989
Francesco M. Malvestuto, A universal-scheme approach to statistical databases containing homogeneous summary tables, ACM Transactions on Database Systems (TODS), v.18 n.4, p.678-708, Dec. 1993
Jon Kleinberg , Christos Papadimitriou , Prabhakar Raghavan, Auditing Boolean attributes, Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, p.86-91, May 15-18, 2000, Dallas, Texas, United States
Nabil R. Adam , John C. Worthmann, Security-control methods for statistical databases: a comparative study, ACM Computing Surveys (CSUR), v.21 n.4, p.515-556, Dec. 1989
Francis Chin , Gultekin Ozsoyoglu, Auditing for secure statistical databases, Proceedings of the ACM '81 conference, p.53-59, January 1981
Gultekin Özsoyoglu , Z. Meral Özsoyoglu, Update handling techniques in statistical databases, Proceedings of the 1st LBL Workshop on Statistical database management, p.249-283, December 02-04, 1981, Melno Park, California
Jon Kleinberg , Christos Papadimitriou , Prabhakar Raghavan, Auditing Boolean attributes, Journal of Computer and System Sciences, v.66 n.1, p.244-253, 01 February 2003
Hideto Sato , Ryosuke Hotaka, For large meta information of national integrated statistics, Proceedings of the 1st LBL Workshop on Statistical database management, p.206-223, December 02-04, 1981, Melno Park, California
Lingyu Wang , Duminda Wijesekera , Sushil Jajodia, Cardinality-based inference control in data cubes, Journal of Computer Security, v.12 n.5, p.655-692, September 2004
Gultekin Özsoyoglu , Z. Meral Özsoyoglu, Features of a system for statistical databases, Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management, p.9-18, September 27-29, 1983, Los Altos, California
Zbigniew Michalewicz, Statistical databases: their model, query language and security, Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management, p.391-402, September 27-29, 1983, Los Altos, California
Francis Y. L. Chin , Peter Kossowski, Efficient inference control for range SUM queries on statistical data bases, Proceedings of the 1st LBL Workshop on Statistical database management, p.239-248, December 02-04, 1981, Melno Park, California
Steve Guynes, Privacy considerations as we enter the “information highway” era, ACM SIGCAS Computers and Society, v.24 n.3, p.16-19, Sept. 1994
Ezio Lefons , Alberto Silvestri , Filippo Tangorra, An Analytic Approach to Statistical Databases, Proceedings of the 9th International Conference on Very Large Data Bases, p.260-274, October 31-November 02, 1983
Barry Schouten , Marc Cigrang, Remote access systems for statistical analysis of microdata, Statistics and Computing, v.13 n.4, p.381-389, October 2003
Carl Stephen Guynes, Protecting statistical databases: a matter of privacy, ACM SIGCAS Computers and Society, v.19 n.1, p.15-20, March 1989
Francesco M. Malvestuto , Mauro Mezzini , Marina Moscarini, An analytical approach to the inference of summary data of additive type, Theoretical Computer Science, v.385 n.1-3, p.264-285, October, 2007
Haibing Lu , Yingjiu Li , Vijayalakshmi Atluri , Jaideep Vaidya, An efficient online auditing approach to limit private data disclosure, Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology, March 24-26, 2009, Saint Petersburg, Russia

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.8 Database applications
          Subjects: Statistical databases


General Terms:
Design, Security


Keywords:
compromisability, conceptual databases model, database design, protection, security, statistical database

Collaborative Colleagues:
Francis Y. Chin: colleagues
Gultekin Ozsoyoglu: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player