Affiliation:
1. “La Sapienza” University of Rome, Roma, Italy
Abstract
In response to queries asked to a statistical database, the query system should avoid releasing summary statistics that could lead to the disclosure of confidential individual data. Attacks to the security of a statistical database may be direct or indirect and, in order to repel them, the query system should audit queries by controlling the amount of information released by their responses. This paper focuses on sum-queries with a response variable of nonnegative real type and proposes a compact representation of answered sum-queries, called an information model in “normal form,” which allows the query system to decide whether the value of a new sum-query can or cannot be safely answered. If it cannot, then the query system will issue the range of feasible values of the new sum-query consistent with previously answered sum-queries. Both the management of the information model and the answering procedure require solving linear-programming problems and, since standard linear-programming algorithms are not polynomially bounded (despite their good performances in practice), effective procedures that make a parsimonious use of them are stated for the general case. Moreover, in the special case that the information model is “graphical.” It is shown that the answering procedure can be implemented in polynomial time.
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,General Computer Science
Reference28 articles.
1. Security-control methods for statistical databases: a comparative study
2. Ahuja R. K. Magnanti T. L. and Orlin J. B. 1993. Network Flows. Prentice Hall Englewood Cliffs NJ. Ahuja R. K. Magnanti T. L. and Orlin J. B. 1993. Network Flows. Prentice Hall Englewood Cliffs NJ.
3. On the data model and access method of summary data management
4. Security problems on inference control for SUM, MAX, and MIN queries
Cited by
21 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献