Abstract
Inference is a way to subvert access control mechanisms of database systems. Most existing work on inference detection relies on analyzing functional dependencies in the database schema. This paper is an extension to our earlier effort in developing a data level inference detection system [13]. In this paper, we introduce the split query inference rule, make an extension to the overlapping inference rule, and provide an in depth discussion on the applications of the inference rules on union queries. Data level inference detection is inevitably expensive. We have developed a prototype of the inference detection system to evaluate its performance. The result shows that the system performs better with larger number of attributes and records in the database, and smaller number of projected attributes and return tuples of the queries. Therefore, the inference detection system could be practical when users retrieve a small amount of data compare to the size of the database.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Leonard J. Binns. Inference through secondary path analysis. In Proc. 6th IFIP WG11.3 Workshop on Database Security, pages 195–209, August 1992.
LiWu Chang and Ira S. Moskowitz. Bayesian methods applied to the database inference problem. In Proc. 12th 1FIP WG11.3 Workshop on Database Security, July 1998.
Harry S. Delugach and Thomas H. Hinke. Wizard: A database inference analysis and detection system. IEEE Transactions on Knowledge and Data Engineering, 8 (1): 56–66, 1996.
John Hale and Sujeet Shenoi. Catalytic inference analysis: Detection inference threats due to knowledge discovery. In Proceedings of the 1997 IEEE Symposium on Research in Security and Privacy,pages 188–199, May 1997.
Thomas H. Hinke. Inference aggregation detection in database management systems. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, pages 96–106, April 1988.
Thomas H. Hinke, Harry S. Delugach, and Asha Chandrasekhar. Layered knowledge chunks for database inference. In Proc. 7th IFIP WG11.3 Workshop on Database Security, pages 275–295, September 1993.
Thomas H. Hinke, Harry S. Delugach, and Randall Wolf. A framework for inference-directed data mining. In Proc. 10th IFIP WG11.3 Workshop on Database Security, pages 229–239, July 1996.
Teresa F. Lunt. Aggregation and inference: Facts and fallacies. In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 102–109, May 1989.
Donald G. Marks. Inference in mls database systems. IEEE Transactions on Knowledge and Data Engineering, 8 (1): 46–55, February 1996.
Xiaolei Qian, Mark E. Stickel, Peter D. Karp, Teresa F. Lunt, and Thmoas D. Garvey. Detection and elimination of inference channels in multilevel relational database systems. In Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pages 196–205, May 1993.
Mark E. Stickel. Elimination of inference channels by optimal upgrading. In Proceedings of the 199.4 IEEE Symposium on Research in Security and Privacy, pages 168–174, May 1994.
Bhavani Thuraisingham. The use of conceptual structures for handling the inference problem. In Proc. 5th IFIP WG11.3 Workshop on Database Security, pages 333–362, November 1991.
Raymond Yip and Karl Levitt. Data level inference detection in database systems. In Proc. 11th IEEE Computer Security Foundations Workshop, pages 179–189, June 1998.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer Science+Business Media New York
About this chapter
Cite this chapter
Yip, R.W., Levitt, K.N. (1999). The Design and Implementation of a Data Level Database Inference Detection System. In: Jajodia, S. (eds) Database Security XII. IFIP — The International Federation for Information Processing, vol 14. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35564-1_16
Download citation
DOI: https://doi.org/10.1007/978-0-387-35564-1_16
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4914-4
Online ISBN: 978-0-387-35564-1
eBook Packages: Springer Book Archive