ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Secure databases: protection against user influence
Full text PdfPdf (582 KB)
Source ACM Transactions on Database Systems (TODS) archive
Volume 4 ,  Issue 1  (March 1979) table of contents
Pages: 97 - 106  
Year of Publication: 1979
ISSN:0362-5915
Authors
David Dobkin  Univ. of Arizona, Tucson
Anita K. Jones  Carnegie-Mellon Univ., Pittsburgh, PA
Richard J. Lipton  Yale Univ., New Haven, CT
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 58,   Citation Count: 52
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/320064.320068
What is a DOI?

Warning: The download time has expired please click on the item to try again.


ABSTRACT

Users may be able to compromise databases by asking a series of questions and then inferring new information from the answers. The complexity of protecting a database against this technique is discussed here.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
E. F. Codd, A relational model of data for large shared data banks, Communications of the ACM, v.13 n.6, p.377-387, June 1970  [doi>10.1145/362384.362685]
 
2
DEMILLO, R., DOBKIN, D., ANt) LIPTON, R. Even data bases that lie can be compromised. IEEE Trans. Software Eng. SE-4, 1 (1978), 73-75.
3
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976  [doi>10.1145/360051.360056]
 
4
FENTON, J.S. Memoryless subsystems. Comptr. J. 17, 2 (1974), 143-147.
 
5
GaAHAM, G.S., AND DENNING, P.J. Protection--principles and practice. Proc. AFIPS I972 SJCC, Vol. 40, AFIPS Press, Montvale, N.J., pp. 417-429.
 
6
HAQ, M. Insuring individuals' privacy from statistical data base users. Proc. AFIPS 1975 NCC, Vol. 43, AFIPS Press, Montvale, N.J., pp. 941-946.
 
7
HOFFMAN, L.J., AND MILLER, W.F. Getting a personal dossier from a statistical data bank. Datamation 16, 5 (May I970}, 74-75.
8
Anita K. Jones , Richard J. Lipton, The enforcement of security policies for computation, Proceedings of the fifth ACM symposium on Operating systems principles, p.197-206, November 19-21, 1975, Austin, Texas, United States
 
9
JONES, A.K., AND WULF, W.A. Towards the design of secure systems. Software--Practices and Experience 5, 4 (Oct. 1975), 321-336.
 
10
LAMPSON, B.W. Protection. Proc. 5th Princeton Symp. Inform. Sci. and Syst., 1971, pp. 437-443.
 
11
Elliott I. Organick, The Multics System: An Examination of Its Structure, The MIT Press, 1972
12
W. Wulf , E. Cohen , W. Corwin , A. Jones , R. Levin , C. Pierson , F. Pollack, HYDRA: the kernel of a multiprocessor operating system, Communications of the ACM, v.17 n.6, p.337-345, June 1974  [doi>10.1145/355616.364017]

CITED BY  52
Dorothy E. Denning , Peter J. Denning, Data Security, ACM Computing Surveys (CSUR), v.11 n.3, p.227-249, Sept. 1979
Francis Y. Chin , Gultekin Ozsoyoglu, Statistical database design, ACM Transactions on Database Systems (TODS), v.6 n.1, p.113-139, March 1981
Nabil R. Adam , John C. Worthmann, Security-control methods for statistical databases: a comparative study, ACM Computing Surveys (CSUR), v.21 n.4, p.515-556, Dec. 1989
Robert P. Trueblood , H. Rex Hartson , Johannes J. Martin, MULTISAFE—a modular multiprocessing approach to secure database management, ACM Transactions on Database Systems (TODS), v.8 n.3, p.382-409, Sept. 1983
Benny Chor , Eyal Kushilevitz , Oded Goldreich , Madhu Sudan, Private information retrieval, Journal of the ACM (JACM), v.45 n.6, p.965-981, Nov. 1998
J. F. Traub , Y. Yemini , H. Woźniakowski, The statistical security of a statistical database, ACM Transactions on Database Systems (TODS), v.9 n.4, p.672-679, Dec. 1984
Dorothy E. Denning, Secure statistical databases with random sample queries, ACM Transactions on Database Systems (TODS), v.5 n.3, p.291-315, Sept. 1980
Rakesh Agrawal , Ramakrishnan Srikant, Privacy-preserving data mining, ACM SIGMOD Record, v.29 n.2, p.439-450, June 2000
Mary McLeish, Further results on the security of partitioned dynamic statistical databases, ACM Transactions on Database Systems (TODS), v.14 n.1, p.98-113, March 1989
Dorothy E. Denning , Peter J. Denning , Mayer D. Schwartz, The tracker: a threat to statistical database security, ACM Transactions on Database Systems (TODS), v.4 n.1, p.76-96, March 1979
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981
Steven P. Reiss, Practical data-swapping: the first steps, ACM Transactions on Database Systems (TODS), v.9 n.1, p.20-37, March 1984
Keishi Tajima, Static detection of security flaws in object-oriented databases, ACM SIGMOD Record, v.25 n.2, p.341-352, June 1996
Dorothy E. Denning , Jan Schlörer, A fast procedure for finding a tracker in a statistical database, ACM Transactions on Database Systems (TODS), v.5 n.1, p.88-102, March 1980
Jon Kleinberg , Christos Papadimitriou , Prabhakar Raghavan, Auditing Boolean attributes, Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, p.86-91, May 15-18, 2000, Dallas, Texas, United States
Jan Schlöer, Security of statistical databases: multidimensional transformation, ACM Transactions on Database Systems (TODS), v.5 n.4, p.467-492, Dec. 1980
Gregory R. Andrews , David P. Dobkin, Active data structures, Proceedings of the 5th international conference on Software engineering, p.354-362, March 09-12, 1981, San Diego, California, United States
Wiebren de Jonge, Compromising statistical databases responding to queries about means, ACM Transactions on Database Systems (TODS), v.8 n.1, p.60-80, March 1983
John H. Reif , Gary L. Peterson, A dynamic logic of multiprocessing with incomplete information, Proceedings of the 7th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.193-202, January 28-30, 1980, Las Vegas, Nevada
Subhasish Mazumdar , David Stemple , Tim Sheard, Resolving the tension between integrity and security using a theorem prover, ACM SIGMOD Record, v.17 n.3, p.233-242, June 1988
Claus Boyens , Oliver Günther , Maximilian Teltzrow, Privacy conflicts in CRM services for online shops: a case study, Proceedings of the IEEE international conference on Privacy, security and data mining, p.27-35, December 01, 2002, Maebashi City, Japan
Jon Kleinberg , Christos Papadimitriou , Prabhakar Raghavan, Auditing Boolean attributes, Journal of Computer and System Sciences, v.66 n.1, p.244-253, 01 February 2003
Chris Clifton , Murat Kantarcioǧlu , AnHai Doan , Gunther Schadow , Jaideep Vaidya , Ahmed Elmagarmid , Dan Suciu, Privacy-preserving data integration and sharing, Proceedings of the 9th ACM SIGMOD workshop on Research issues in data mining and knowledge discovery, June 13, 2004, Paris, France
Chong K. Liew , Uinam J. Choi , Chung J. Liew, A data distortion by probability distribution, ACM Transactions on Database Systems (TODS), v.10 n.3, p.395-411, Sept. 1985
M. D. Schwartz , D. E. Denning , P. J. Denning, Linear queries in statistical databases, ACM Transactions on Database Systems (TODS), v.4 n.2, p.156-167, June 1979
Leland L. Beck, A security machanism for statistical database, ACM Transactions on Database Systems (TODS), v.5 n.3, p.316-3338, Sept. 1980
Rakesh Agrawal , Alexandre Evfimievski , Ramakrishnan Srikant, Information sharing across private databases, Proceedings of the 2003 ACM SIGMOD international conference on Management of data, June 09-12, 2003, San Diego, California
Jennifer L. Wong , Jessica Feng , Darko Kirovski , Miodrag Potkonjak, Security in sensor networks: watermarking techniques, Wireless sensor networks, Kluwer Academic Publishers, Norwell, MA, 2004
Jitender S. Deogun , Vijay V. Raghavan, Query directed partitioning scheme for securing statistical databases, Proceedings of the 1st LBL Workshop on Statistical database management, p.285-293, December 02-04, 1981, Melno Park, California
Krishnaram Kenthapadi , Nina Mishra , Kobbi Nissim, Simulatable auditing, Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, June 13-15, 2005, Baltimore, Maryland
Lingyu Wang , Duminda Wijesekera , Sushil Jajodia, Cardinality-based inference control in data cubes, Journal of Computer Security, v.12 n.5, p.655-692, September 2004
Dorothy E. Denning, A security model for the statistical database problem, Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management, p.368-390, September 27-29, 1983, Los Altos, California
Zbigniew Michalewicz, Statistical databases: their model, query language and security, Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management, p.391-402, September 27-29, 1983, Los Altos, California
Nina Mishra , Mark Sandler, Privacy via pseudorandom sketches, Proceedings of the twenty-fifth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, June 26-28, 2006, Chicago, IL, USA
Peter Jonsson , Andrei Krokhin, Computational complexity of auditing finite attributes in statistical databases, Journal of Computer and System Sciences, v.74 n.5, p.898-909, August, 2008
Shubha U. Nabar , Bhaskara Marthi , Krishnaram Kenthapadi , Nina Mishra , Rajeev Motwani, Towards robustness in query auditing, Proceedings of the 32nd international conference on Very large data bases, September 12-15, 2006, Seoul, Korea
Andrew Simpson , David Power , Mark Slaymaker, On tracker attacks in health grids, Proceedings of the 2006 ACM symposium on Applied computing, April 23-27, 2006, Dijon, France
Ashwin Machanavajjhala , Daniel Kifer , Johannes Gehrke , Muthuramakrishnan Venkitasubramaniam, L-diversity: Privacy beyond k-anonymity, ACM Transactions on Knowledge Discovery from Data (TKDD), v.1 n.1, p.3-es, March 2007
Rainer Hüber , Peter C. Lockemann, Information protection by method base systems, Proceedings of the fourth international conference on Very Large Data Bases, p.420-426, September 13-15, 1978, West Berlin, Germany
G. Aggarwal , M. Bawa , P. Ganesan , H. Garcia-Molina , K. Kenthapadi , N. Mishra , R. Motwani , U. Srivastava , D. Thomas , J. Widom , Y. Xu, Vision paper: enabling privacy for the paranoids, Proceedings of the Thirtieth international conference on Very large data bases, p.708-719, August 31-September 03, 2004, Toronto, Canada
Rakesh Agrawal , Jerry Kiernan , Ramakrishnan Srikant , Yirong Xu, Hippocratic databases, Proceedings of the 28th international conference on Very Large Data Bases, p.143-154, August 20-23, 2002, Hong Kong, China
François Bancilhon , Nicolas Spyratos, Protection of information in relational data bases, Proceedings of the third international conference on Very large data bases, p.494-500, October 06-08, 1977, Tokyo, Japan
Wei Jiang , Chris Clifton, A secure distributed framework for achieving k-anonymity, The VLDB Journal — The International Journal on Very Large Data Bases, v.15 n.4, p.316-333, November 2006
Ernst L. Leiss, Randomizing, A Practical Method for Protecting Statistical Databases Against Compromise, Proceedings of the 8th International Conference on Very Large Data Bases, p.189-196, September 08-10, 1982
Arie Shoshani, Statistical Databases: Characteristics, Problems, and some Solutions, Proceedings of the 8th International Conference on Very Large Data Bases, p.208-222, September 08-10, 1982
Lei Zhang , Sushil Jajodia , Alexander Brodsky, Information disclosure under realistic assumptions: privacy versus optimality, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Lingyu Wang , Yingjiu Li , Sushil Jajodia , Duminda Wijesekera, Parity-based inference control for multi-dimensional range sum queries, Journal of Computer Security, v.15 n.4, p.417-445, September 2007
Buğra Gedik , Ling Liu, Protecting Location Privacy with Personalized k-Anonymity: Architecture and Algorithms, IEEE Transactions on Mobile Computing, v.7 n.1, p.1-18, January 2008
Charles R. Young, A security policy for a profile-oriented operating system, Proceedings of the May 4-7, 1981, national computer conference, May 04-07, 1981, Chicago, Illinois
Vangalur S. Alagar , Bernard Blanchard , David Glaser, Effective inference control mechanisms for securing statistical databases, Proceedings of the May 4-7, 1981, national computer conference, May 04-07, 1981, Chicago, Illinois
Xiangdong An , Dawn Jutla , Nick Cercone, Dynamic inference control in privacy preference enforcement, Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, October 30-November 01, 2006, Markham, Ontario, Canada
Haibing Lu , Yingjiu Li , Vijayalakshmi Atluri , Jaideep Vaidya, An efficient online auditing approach to limit private data disclosure, Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology, March 24-26, 2009, Saint Petersburg, Russia

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.7 Database Administration
          Subjects: Security, integrity, and protection


General Terms:
Design, Security


Keywords:
compromise, database, inference, information flow, protection, security, statistical query

Collaborative Colleagues:
David Dobkin: colleagues
Anita K. Jones: colleagues
Richard J. Lipton: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player