ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Data Security
Full text PdfPdf (1.97 MB)
Source ACM Computing Surveys (CSUR) archive
Volume 11 ,  Issue 3  (September 1979) table of contents
Pages: 227 - 249  
Year of Publication: 1979
ISSN:0360-0300
Authors
Dorothy E. Denning  Computer Science Department, Purdue University, West Lafayette, Indiana
Peter J. Denning  Computer Science Department, Purdue University, West Lafayette, Indiana 47907
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 47,   Downloads (12 Months): 250,   Citation Count: 26
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/356778.356782
What is a DOI?

ABSTRACT

The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest in the technical safeguards for data. There are four kinds of safeguards, each related to but distinct from the others. Access controls regulate which users may enter the system and subsequently which data sets an active user may read or write. Flow controls regulate the dissemination of values among the data sets accessible to a user. Inference controls protect statistical databases by preventing questioners from deducing confidential information by posing carefully designed sequences of statistical queries and correlating the responses. Statistical data banks are much less secure than most people believe. Data encryption attempts to prevent unauthorized disclosure of confidential information in transit or in storage. This paper describes the general nature of controls of each type, the kinds of problems they can and cannot solve, and their inherent limitations and weaknesses. The paper is intended for a general audience with little background in the area.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
ACHU78
ACHUGBUE, J.O., AND CHIN, F.Y. Output perturbation for protect~on of stat~s. tical data bases, Dept. Computing Science, Univ. Alberta, Edmonton, Canada, Jan. 1978.
 
ANDE72
ANDERSON, J.P. "Information security in a multi-user computer environment," in Advances m computers, Vol. 12, Morris Rubinoff (Ed.), Academic Press, New York, 1972.
 
BECK79
BECK, L.L. A security mechamsm for stattstical databases, Dept. Computer Science and Engineering, Southern Methodist Univ., Dallas, Tex., Jan. 1979.
BONC77
Robert H. Bonczek , James I. Cash , Andrew B. Whinston, A transformational grammar-based query processor for access control in a planning system, ACM Transactions on Database Systems (TODS), v.2 n.4, p.326-338, Dec. 1977  [doi>10.1145/320576.320582]
 
BORU71
BORUCH, R.F. "Maintaining confidentiality in educational research: A systematic analysis," Am. Psychol. 26 (1971), 413--430.
 
CAMP77
CAMPBELL, D.T., ET AL. "Confidentiality-preserving modes of access to files and to interfile exchange for useful statistical analysis," Eval. Q. 1, 2 (May 1977), 269-299.
COHE75
Ellis Cohen , David Jefferson, Protection in the Hydra Operating System, Proceedings of the fifth ACM symposium on Operating systems principles, p.141-160, November 19-21, 1975, Austin, Texas, United States
COHE77
Ellis Choen, Information transmission in computational systems, Proceedings of the sixth ACM symposium on Operating systems principles, p.133-139, November 16-18, 1977, West Lafayette, Indiana, United States
 
COHE78
COHEN, E. "Information transmission in sequential programs," in Foundations of secure computation, R.A. DeMillo et al. (Eds.), Academic Press, New York, 1978, pp. 297-335.
CONW72
R. W. Conway , W. L. Maxwell , H. L. Morgan, On the implementation of security measures in information systems, Communications of the ACM, v.15 n.4, p.211-220, April 1972  [doi>10.1145/361284.361287]
 
DALE78
DALENIUS, T., AND REISS, S.P. Dataswappmg--A technique for disclosure control, Computer Science, Brown Univ., Providence, R.I., (1978).
 
DEMI77
DEMILLO, R.A., DOBKIN, D., AND LIP- TON, R.J. "Even data bases that lie can be compromised," IEEE Trans. Software Eng. SE-4, 1 (Jan. 1977) 73-75.
 
DEMI78
Richard A. DeMillo , Richard J. Lipton , David P. Dobkin , Anita K. Jones, Foundations of Secure Computation, Academic Press, Inc., Orlando, FL, 1978
DENN71
Peter J. Denning, Third Generation Computer Systems, ACM Computing Surveys (CSUR), v.3 n.4, p.175-216, Dec. 1971  [doi>10.1145/356593.356595]
DENN76a
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976  [doi>10.1145/360051.360056]
DENN76b
Peter J. Denning, Fault Tolerant Operating Systems, ACM Computing Surveys (CSUR), v.8 n.4, p.359-389, Dec. 1976  [doi>10.1145/356678.356680]
DENN77
Dorothy E. Denning , Peter J. Denning, Certification of programs for secure information flow, Communications of the ACM, v.20 n.7, p.504-513, July 1977  [doi>10.1145/359636.359712]
DENN79a
Dorothy E. Denning , Peter J. Denning , Mayer D. Schwartz, The tracker: a threat to statistical database security, ACM Transactions on Database Systems (TODS), v.4 n.1, p.76-96, March 1979  [doi>10.1145/320064.320069]
 
DENN79b
DENNING, D.E., AND SCHLORER, d. A fast procedure for finding a tracker m a statistical database, Computer Science Dept., Purdue Umv., W. Lafayette, Ind. and Inst. Medizimsche Statistik und Dokumentation, Unlv Giessen, W. Germany, Feb. 1979.
 
DENN79c
DENNING, D.E. Securing databases under random sample queries, Computer Science Dept., Purdue Univ., W. Lafayette, Ind., April 1979.
DENN79d
Dorothy E. Denning, Secure personal computing in an insecure network, Communications of the ACM, v.22 n.8, p.476-482, Aug. 1979  [doi>10.1145/359138.359143]
DENV66
Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966  [doi>10.1145/365230.365252]
 
DIFF76
DIFFIE, W., AND HELLMAN, M. "New dtrections in cryptography," IEEE Trans. Inf Theory IT-22, 6 (Nov. 1976), 644-654.
 
DIFF77
DIFFIE, W., AND HELLMAN, M E "Exhaustive cryptanalyms of the NBS Data Encryptlon Standard," Computer 10, 6 (June 1977), 74-84.
DOBK79
David Dobkin , Anita K. Jones , Richard J. Lipton, Secure databases: protection against user influence, ACM Transactions on Database Systems (TODS), v.4 n.1, p.97-106, March 1979  [doi>10.1145/320064.320068]
 
EHRS78
EHRSAM, W.F, MATYAS, S.M., MEYER, C.H., AND TUCHMAN, W.L. "A cryptographic key management scheme for implementing the Data Encryption Standard," IBM Syst. J. 17, 2 (1978), 106-125.
 
ENGL74
ENGLAND, D.M. "Capability concept mechanism and structure in system 250," in Proc. Int. Workshop on Protection in Operatmg Systems, Inst. Recherche d'Informatique et d'Automatique, Rocquencourt, Le Chesnay, France, Aug. 1974, pp. 63-82.
EVAN74
Arthur Evans, Jr. , Edwin Weiss, A user authentication scheme not requiring secrecy in the computer, Communications of the ACM, v.17 n.8, p.437-442, Aug. 1974  [doi>10.1145/361082.361087]
FABR74
R. S. Fabry, Capability-based addressing, Communications of the ACM, v.17 n.7, p.403-412, July 1974  [doi>10.1145/361011.361070]
FAGI78
Ronald Fagin, On an authorization mechanism, ACM Transactions on Database Systems (TODS), v.3 n.3, p.310-319, Sept. 1978  [doi>10.1145/320263.320288]
 
FEIG70
FEIGE, E.L., AND WATTS, H.W. "Protection of privacy through microaggregatlon," in Data bases, computer, and the social sciences, R.L. Blsco (Ed.), Wiley-Interscience, New York, 1970.
 
FENT74
FENTON, J.S. "Memoryless subsystems," Comput. J 17, 2 (May 1974). 143- 147.
 
FURT78
FURTEK, F. "Constraints and compromtse," in Foundattons of secure computation, R.A. DeMfllo et al. (Eds.), Academic Press, New York, 1978, pp. 189-204.
GAIN78
R. Stockton Gaines , Norman Z. Shapiro, Some security principles and their application to computer security, ACM SIGOPS Operating Systems Review, v.12 n.3, p.19-28, July 1978  [doi>10.1145/775396.775398]
 
GARD77
GARDNER, M. "Mathematical games," Scz. Am. 237, 2 (Aug. 1977), 120-124.
 
GEHR79
Edward Francis Gehringer, Functionality and performance in capability-based operating systems., 1979
 
GRAH72
GRAHAM, G S, AND DENNING, P.J. "ProtectlonmPrinciples and practice," in Proc. 1972 AFIPS Spring Jt. Computer Conf., Vol. 40, AFIPS Press, Montvale, N.J., pp. 417-429.
GRIF76
Patricia P. Griffiths , Bradford W. Wade, An authorization mechanism for a relational database system, ACM Transactions on Database Systems (TODS), v.1 n.3, p.242-255, Sept. 1976  [doi>10.1145/320473.320482]
 
HANS71
HANSEN, M.H. "Insuring confidentiality of individual records in data storage and retrieval for statistical purposes," in Proc. 1971AFIPS Fall Jt. Computer Conf., Vol. 39, AFIPS Press, Montvale, N.J., pp. 579- 585.
HARR76
Michael A. Harrison , Walter L. Ruzzo , Jeffrey D. Ullman, Protection in operating systems, Communications of the ACM, v.19 n.8, p.461-471, Aug. 1976  [doi>10.1145/360303.360333]
HART76
H. Rex Hartson , David K. Hsiao, Full protection specifications in the semantic model for database protection languages, Proceedings of the annual conference, p.90-95, October 20-22, 1976, Houston, Texas, United States  [doi>10.1145/800191.805538]
 
HELL78
HELLMAN, M.E. "Security in communications networks," in Proc. AFIPS 1978 Nat. Computer Conf., Vol. 47, AFIPS Press, Montvale, N.J., 1978, pp. 1131- 1134.
 
HOFF70
HOFFMAN, L.J., AND MILLER, W.F. "Getting a personal dossier from a statistical data bank," Datamation 16, 5 (May 1970), 74-75.
 
HOFF77
HOFFMAN, L.J. Modern methods for computer security and privacy, Prentice- Hall, Englewood Cliffs, N.J., 1977.
 
HSIA78
HSIAO, D.K., KERR, D.S., AND MADNICK, S.E. "Privacy and security of data communications and data bases," in Proc. Int Conf. Very Large Data Bases, Sept. 1978.
 
JONE76
Anita K. Jones , Barbara H. Liskov, A language extension for controlling access to shared data, Proceedings of the 2nd international conference on Software engineering, p.235, October 13-15, 1976, San Francisco, California, United States
 
KAHN67
KAHN, D. The codebreakers, Macmillan Co., New York, 1967.
 
KARP70
KARPINSKI, R.H. "Reply to Hoffman and Shaw," Datamation 16, 10 (Oct. 1970), 11.
 
KONF78
KONFELDER, L.M. "A method for certification," Lab. Computer Science, MIT, Cambridge, Mass., May 1978.
 
KONH78
KONHEIM, A.G. "Cryptographic methods for data protection," Res. Rep. RC 7026 (#30100), IBM Thomas J. Watson Research Center, Yorktown Heights, N.Y., March 1978.
LAMP73
Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973  [doi>10.1145/362375.362389]
LEMP79
Abraham Lempel, Cryptology in Transition, ACM Computing Surveys (CSUR), v.11 n.4, p.285-303, Dec. 1979  [doi>10.1145/356789.356792]
 
LENN78
LENNON, R.E. "Cryptography architecture for information security," IBM Syst. J. 17, 2 (1978), 138-150.
LIND76
Theodore A. Linden, Operating System Structures to Support Security and Reliable Software, ACM Computing Surveys (CSUR), v.8 n.4, p.409-445, Dec. 1976  [doi>10.1145/356678.356682]
LIPN75
Steven B. Lipner, A comment on the confinement problem, Proceedings of the fifth ACM symposium on Operating systems principles, p.192-196, November 19-21, 1975, Austin, Texas, United States
 
LIPT78
LIPTON, R.J., AND BUDD, T.A. "On classes of protection systems," in Foun. dattons of secure computation, R.A. DeMillo et al. (Eds.), Academic Press, New York, 1978, pp. 281-296.
 
MADN79
MADNICK, S.E. Computer security, Academic Press, New York, 1979.
 
MATY78
MATYAS, S.M., AND MEYER, C.H. "Generation, distribution, and installation of cryptographic keys," IBM Syst. J. 17, 2 (1978), 126-137.
 
MERK78
MEEKLE, R.C., AND HELLMAN, M.E. "Hiding information and signatures in trap door knapsacks," IEEE Trans. Inf. Theory, It-24, 5 (Sept. 1978), 525- 530.
MILL76
Jonathan K. Millen, Security Kernel validation in practice, Communications of the ACM, v.19 n.5, p.243-250, May 1976  [doi>10.1145/360051.360059]
 
MILL78
MILLEN, J.K. "Constraints and multilevel security," in Foundations of secure computation, R.A. DeMillo et al. (Eds.), Academic Press, New York, 1978, pp 205- 222.
 
MORR78
MORRIS, R., AND THOMPSON, K. Password security: A case history, CS- TR-71, Bell Labs, Murray Hill, N.J., April 1978.
 
MYER78
Glenford J. Myers, Advances in Computer Architecture, John Wiley & Sons, Inc., New York, NY, 1982
 
NBS77
NATIONAL BUREAU OF STAND~/.RDS, Data Encryption Standard, FIPS PUB 46, Jan. 1977.
NEED77
R. M. Needham , R. D.H. Walker, The Cambridge CAP computer and its protection system, Proceedings of the sixth ACM symposium on Operating systems principles, p.1-10, November 16-18, 1977, West Lafayette, Indiana, United States
NEED78
Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978  [doi>10.1145/359657.359659]
 
NEUM77
NEUMANN, P.G., ET AL. "A probably secure operating system: The system, its applications, and proofs," Project 4332 Final Rep., SRI International, Menlo Park, Calif., Feb. 1977.
 
NIEL76
NIELSEN, N.R., RUDER, B., AND BRAN- DIN, D.H. "Effective safeguards for computer system integrity," in Proc. AFIPS Nat. Computer Conf. Vol. 45, AFIPS Press, Montvale, N.J., 1976, pp. 75-84.
 
ORGA72
Elliott I. Organick, The Multics System: An Examination of Its Structure, The MIT Press, 1972
 
ORGA73
Elliott Irving Organick, Computer system organization: The B5700/B6700 series (ACM monograph series), Academic Press, Inc., Orlando, FL, 1973
 
PARK76
PARKER, D.B. Crime by computer, Scribner's, New York, 1976.
 
POPE74
POPEK, G.J. "Protection structures," Computer 7, 6 (June 1974), 22-31.
 
POPE78a
Gerald J. Popek , Charles S. Kline, Design Issues for Secure Computer Networks, Operating Systems, An Advanced Course, p.517-546, January 1978
 
POPE78b
Gerald J. Popek , Charles S. Kline, Issues in Kernel Design, Operating Systems, An Advanced Course, p.209-227, January 1978
POPE78c
Gerald J. Popek , David A. Farber, A model for verification of data security in operating systems, Communications of the ACM, v.21 n.9, p.737-749, Sept. 1978  [doi>10.1145/359588.359597]
 
RABI78
RABIN, M. "Digital signatures using conventional encryption algorithms," in Foundations of secure computing, R.A. DeMiUo et al. (Eds.), Academic Press, New York, 1978, pp. 155-166.
 
REDE74
REDELL, D.R., AND FABRY, R.S. "Selective revocation of capabilities," Proc. Int. Workshop Protection m Operating Systems, inst. Recherche d'Informatique et d'Automatique, Rocquencourt, Le Chesnay, France, Aug. 1974
 
REIT78
REITMAN, R.P., AND ANDREWS, G.R. Certifying information flow properties of programs: An axiomatic approach, Syracuse Univ., Syracuse, N.Y., and Cornell Univ., Ithaca, N.Y., 1978.
RIVE78a
R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
 
RIVE78b
RIVEST, R.L., ADLEMAN, L., AND DER- TOUZOS, M.L. "On data banks and privacy homomorphisms," in Foundations of secure computing, R.A. DeMillo et al. (Eds.), Academic Press, New York, 1978, pp. 169-179.
 
RPP77
"The report of the privacy protection study commission," Appendix 5, in Tech. nology and privacy, U.S. GoD. Printing Office, Washington, D.C. July 1977.
 
SALT75
SALTZER, J.H., AND SCHROEDER, M.D. "The Protection of information in computer systems," Proc IEEE 63, 9 (Sept. 1975), 1278-1308.
SALT78
Jerome H. Saltzer, On digital signatures, ACM SIGOPS Operating Systems Review, v.12 n.2, p.12-14, April 1978  [doi>10.1145/775332.775334]
 
SCHL75
~CHLdRER, J. "Identification and retrieval of personal records from a statistical data bank," Methods Inf. Med 14, 1 (Jan. 1975), 7-13.
 
SCHL77
SCHLORER, J. "Confidentiality and security in statistical data banks," Proc. Workshop on Data Documentation, Verlag Dokumentation, 1977, pp. 101-123.
 
SCHL78
SCHLORER, J. Security of statistical databases: Multidimensional transforma. tiono TB-IMSD 2/78, Inst. Medizinische Statistik und Documentation, Univ. GleN- sen. W. Germany, 1978.
 
SCHL79
SCHLORER, J. Disclosure from statist~. cal databases: Quantitative aspects of trackers, Inst. Medizinische Statistik und Dokumentation, Univ. Giessen, W. Germany, March 1979; to appear in A CM Trans. Database Syst.
SCHR72
Michael D. Schroeder , Jerome H. Saltzer, A hardware architecture for implementing protection rings, Communications of the ACM, v.15 n.3, p.157-170, March 1972  [doi>10.1145/361268.361275]
SCHR77
Michael D. Schroeder , David D. Clark , Jerome H. Saltzer, The Multics kernel design project, Proceedings of the sixth ACM symposium on Operating systems principles, p.43-56, November 16-18, 1977, West Lafayette, Indiana, United States
SCHW79
M. D. Schwartz , D. E. Denning , P. J. Denning, Linear queries in statistical databases, ACM Transactions on Database Systems (TODS), v.4 n.2, p.156-167, June 1979  [doi>10.1145/320071.320073]
 
SHAM79
SHAMIR, A., RIVEST, R.L., AND ADLEMAN, L.M. "Mental poker," Lab. Computer Science, MIT, Cambridge, Mass., Jan. 1979.
 
SHAN77
SHANKAR, K.S. "The total computer security problem: An overdraW," Computer 10, 6 (June 1977), 50-73.
SIMM79
Gustavus J. Simmons, Symmetric and Asymmetric Encryption, ACM Computing Surveys (CSUR), v.11 n.4, p.305-330, Dec. 1979  [doi>10.1145/356789.356793]
SNYD77
Lawrence Snyder, On the synthesis and analysis of protection systems, Proceedings of the sixth ACM symposium on Operating systems principles, p.141-150, November 16-18, 1977, West Lafayette, Indiana, United States
STON74
Michael Stonebraker , Eugene Wong, Access control in a relational data base management system by query modification, Proceedings of the 1974 annual conference, p.180-186, January 1974  [doi>10.1145/800182.810400]
 
TURN76
TURN, I~., AND WARE, W.H. "Privacy and security issues m information systems," IEEE Trans. Comput. C-25, 12 (Dec 1976), 1353-1361.
WALT75
K. G. Walter , S. I. Schaen , W. F. Ogden , W. C. Rounds , D. G. Shumway , D. D. Schaeffer , K. J. Biba , F. T. Bradshaw , S. R. Ames , J. M. Gilligan, Structured specification of a Security Kernel, Proceedings of the international conference on Reliable software, p.285-293, April 21-23, 1975, Los Angeles, California
 
WEIS69
WEISSMAN, C. "Security controls in the ADEPT-50 time-sharing system," Proc. 1969 AFIPS Fall Jt. Computer Conf., Vol. 35, AFIPS Press, Montvale, N.J., pp. 119- 133.
 
WEST72
WESTIN, A.F., AND BAKER, M.A. Databanks in a free society, Quadrangle Books, New York, 1972.
 
WILE68
M. V. Wilkes, Time Sharing Computer Systems, Elsevier Science Inc., New York, NY, 1975
YU78
C. T. Yu , F. Y. Chin, A study on the protection of statistical data bases, Proceedings of the 1977 ACM SIGMOD international conference on Management of data, August 03-05, 1977, Toronto, Ontario, Canada  [doi>10.1145/509404.509432]

CITED BY  26
Andrea Carol Arpaci-Dusseau, Implicit coscheduling: coordinated scheduling with implicit information in distributed systems, ACM Transactions on Computer Systems (TOCS), v.19 n.3, p.283-331, Aug. 2001
Dorothy E. Denning, Secure statistical databases with random sample queries, ACM Transactions on Database Systems (TODS), v.5 n.3, p.291-315, Sept. 1980
Ravinderpal S. Sandhu, The NTree: a two dimension partial order for protection groups, ACM Transactions on Computer Systems (TOCS), v.6 n.2, p.197-222, May 1988
Michael Anderson, A dynamic knowledge based approach to the problem of deduction on a non-statistical multilevel secure database, Proceedings of the second international conference on Information and knowledge management, p.154-163, November 01-05, 1993, Washington, D.C., United States
Niv Ahituv , Yeheskel Lapid , Seev Neumann, Processing encrypted data, Communications of the ACM, v.30 n.9, p.777-780, Sept. 1987
Kim S. Lee , Huizhu Lu , D. D. Fisher, A hierarchical single-key-lock access control using the Chinese remainder theorem, Proceedings of the 1992 ACM/SIGAPP Symposium on Applied computing: technological challenges of the 1990's, p.491-496, April 1992, Kansas City, Missouri, United States
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981
George L. Sicherman , Wiebren De Jonge , Reind P. Van de Riet, Answering queries without revealing secrets, ACM Transactions on Database Systems (TODS), v.8 n.1, p.41-59, March 1983
Chong K. Liew , Uinam J. Choi , Chung J. Liew, A data distortion by probability distribution, ACM Transactions on Database Systems (TODS), v.10 n.3, p.395-411, Sept. 1985
Traian Marius Truta , Farshad Fotouhi , Daniel Barth-Jones, Assessing global disclosure risk in masked microdata, Proceedings of the 2004 ACM workshop on Privacy in the electronic society, October 28-28, 2004, Washington DC, USA
Wen-Pai Lu , Malur K. Sundareshan, A Model for Multilevel Security in Computer Networks, IEEE Transactions on Software Engineering, v.16 n.6, p.647-659, June 1990
Richard Y. Wang , Veda C. Storey , Christopher P. Firth, A Framework for Analysis of Data Quality Research, IEEE Transactions on Knowledge and Data Engineering, v.7 n.4, p.623-640, August 1995
Thomas C. Richards, A seminar in computer audit and control systems, ACM SIGSAC Review, v.3 n.1, p.6-10, Spring/Summer 1984
R. S. Sandhu, Recognizing Immediacy in an N-Tree Hierarchy and its Application to Protection Groups, IEEE Transactions on Software Engineering, v.15 n.12, p.1518-1525, December 1989
Ted M. Sparr, Units and accuracy in statistical databases, Proceedings of the 1st LBL Workshop on Statistical database management, p.59-60, December 02-04, 1981, Melno Park, California
Lingyu Wang , Duminda Wijesekera , Sushil Jajodia, Cardinality-based inference control in data cubes, Journal of Computer Security, v.12 n.5, p.655-692, September 2004
David Power , Mark Slaymaker , Eugenia Politou , Andrew Simpson, Protecting sensitive patient data via query modification, Proceedings of the 2005 ACM symposium on Applied computing, March 13-17, 2005, Santa Fe, New Mexico
Zbigniew Michalewicz, Statistical databases: their model, query language and security, Proceedings of the 2nd international workshop on Proceedings of the Second International Workshop on Statistical Database Management, p.391-402, September 27-29, 1983, Los Altos, California
Viktors Berstis, Security and protection of data in the IBM System/38, Proceedings of the 7th annual symposium on Computer Architecture, p.245-252, May 06-08, 1980, La Baule, United States
Jack Klebanoff, The iAPX 286 protection architecture, ACM SIGSMALL Newsletter, v.9 n.1, p.13-17, February 1983
Saeed A. Rajput , Jihong Chen , Sam Hsu, State based authentication, Proceedings of the 43rd annual southeast regional conference, March 18-20, 2005, Kennesaw, Georgia
Jacob Y. Levy , Laurent Demailly , John K. Ousterhout , Brent B. Welch, The safe-Tcl security model, Proceedings of the Annual Technical Conference on USENIX Annual Technical Conference, 1998, p.23-23, June 15-19, 1998, New Orleans, Louisiana
Andrew Simpson , David Power , Mark Slaymaker, On tracker attacks in health grids, Proceedings of the 2006 ACM symposium on Applied computing, April 23-27, 2006, Dijon, France
Rhys Smith , Jianhua Shao, Privacy and e-commerce: a consumer-centric perspective, Electronic Commerce Research, v.7 n.2, p.89-116, June 2007
Lingyu Wang , Yingjiu Li , Sushil Jajodia , Duminda Wijesekera, Parity-based inference control for multi-dimensional range sum queries, Journal of Computer Security, v.15 n.4, p.417-445, September 2007
Vangalur S. Alagar , Bernard Blanchard , David Glaser, Effective inference control mechanisms for securing statistical databases, Proceedings of the May 4-7, 1981, national computer conference, May 04-07, 1981, Chicago, Illinois

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS

  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.7 Database Administration
          Subjects: Security, integrity, and protection


General Terms:
Design, Security, Theory

Collaborative Colleagues:
Dorothy E. Denning: colleagues
Peter J. Denning: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player