Abstract
It has been observed that often the release of a limited part of an information resource poses no security risks, but the release of a sufficiently large part of that resource might pose such risks. This problem of controlled disclosure of sensitive information is an example of what is known as the aggregation problem. In this paper we argue that it should be possible to articulate specific secrets within a database that should be protected against overdisclosure, and we provide a general framework in which such controlled disclosure can be achieved. Our methods foil any attempt to attack these predefined secrets by disguising queries as queries whose definitions do not resemble secrets, but whose answers nevertheless “nibble” at secrets. Our methods also foil attempts to attack secrets by breaking queries into sequences of smaller requests that extract information less conspicuously. The accounting methods we employ to thwart such attempts are shown to be both accurate and economical.
The work of Motro was supported in part by NSF Grant No. IRI-9007106 and by an ARPA grant, administered by the Office of Naval Research under Grant No. N0014-92-J-4038. The work of Jajodia was supported in part by NSF Grant No. IRI-9303416.
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
Cite this paper
Motro, A., Marks, D.G., Jajodia, S. (1994). Aggregation in relational databases: Controlled disclosure of sensitive information. In: Gollmann, D. (eds) Computer Security — ESORICS 94. ESORICS 1994. Lecture Notes in Computer Science, vol 875. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-58618-0_77
DOI: https://doi.org/10.1007/3-540-58618-0_77
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58618-0
Online ISBN: 978-3-540-49034-0
eBook Packages: Springer Book Archive