Securing Information Against Manipulation in the Production Systems Engineering Process

  • Peter KiesebergEmail author
  • Edgar Weippl


Modern engineering projects often include extensive cooperation with partners as well as external experts, either due to specific knowledge required that cannot be acquired otherwise or even due to rules and regulations that have to be obeyed to enter a specific market. Still, Production Systems Engineering (PSE) processes contain significant intrinsic and explicit knowledge that is a key resource of a partner. Therefore, the partners in such a collaborative process need to protect their vital knowledge assets while still being forced to share much of the information, thus rendering proactive solutions for information protection infeasible. Information fingerprinting has been used as a reactive measure in many data-based information processes. While fingerprinting does not hinder unsolicited information exchange, fingerprinting techniques can be used to prove ownership of information and to determine the leaking partner. In addition, expert information is integrated into the overall process, requiring means to hold single participants responsible for errors and/or other issues. Still, in current environments, manipulation of information is largely possible. This becomes especially problematic in cases where the expert information is used as input in intelligent algorithms, thus rendering any chance of simple detection impossible, even for the expert originally entering the information. In this chapter, we adopt an approach for providing information integrity in the so-called doctor in the loop Holzinger (Brain Inform 3(2):119–131, 2016) systems in order to fit the PSE process and its special requirements and combine it with fingerprinting methods for protecting the ownership of vital information assets. Furthermore, we extend this approach to not only control data manipulation but also access to sensitive information. In order to further mitigate attacks targeting data exfiltration, we provide two new approaches for logging SELECT-queries in a way that cannot be manipulated even by attacks in the possession of administrator privileges.


Data protection Audit and control Exfiltration detection PSE databases 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.



The financial support by the Christian Doppler Research Association, the Austrian Federal Ministry for Digital and Economic Affairs, and the National Foundation for Research, Technology, and Development is gratefully acknowledged.


  1. Agrawal, R., & Kiernan, J. (2002). Watermarking relational databases. In Proceedings of the 28th International Conference on Very Large Databases (pp. 155–166).Google Scholar
  2. Bertino, E., Ooi, B. C., Yang, Y., & Deng, R. H. (2005). Privacy and ownership preserving of outsourced medical data. In: 21st International Conference on Data Engineering (ICDE’05) (pp. 521–532).Google Scholar
  3. Claycomb, W. R., & Nicoll, A. (2012). Insider threats to cloud computing: Directions for new research challenges. In: 2012 IEEE 36th Annual Computer Software and Applications Conference (pp. 387–394). Piscataway, NJ: IEEECrossRefGoogle Scholar
  4. Emam, K. E., Dankar, F. K., Issa, R., Jonker, E., Amyot, D., Cogo, E., et al. (2009). A globally optimal k-anonymity method for the de-identification of health data. Journal of the American Medical Informatics Association, 16(5), 670–682.CrossRefGoogle Scholar
  5. Frühwirt, P., Huber, M., Mulazzani, M., & Weippl, E. (2010). InnoDB database forensics. In: 2010 24th IEEE International Conference on Advanced Information Networking and Applications (AINA) (pp. 1028–1036). Piscataway, NJ: IEEE.CrossRefGoogle Scholar
  6. Frühwirt, P., Kieseberg, P., Krombholz, K., & Weippl, E. R. (2014). Towards a forensic-aware database solution. Digital Investigation, 11(4), 336–348.CrossRefGoogle Scholar
  7. Frühwirt, P., Kieseberg, P., Schrittwieser, S., Huber, M., & Weippl, E. R. (2012), Innodb database forensics: Reconstructing data manipulation queries from redo logs. In 2012 Seventh International Conference on Availability, Reliability and Security (pp. 625–633).Google Scholar
  8. Frühwirt, P., Kieseberg, P., & Weippl, E. (2015). Using internal mysql/innodb b-tree index navigation for data hiding. In IFIP International Conference on Digital Forensics (pp. 179–194).Google Scholar
  9. Garfinkel, S. L. (2009). Automating disk forensic processing with sleuthkit, xml and python. In. 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering (pp. 73–84).Google Scholar
  10. Girardi, D., Küng, J., Kleiser, R., Sonnberger, M., Csillag, D., Trenkler, J., et al. (2016). Interactive knowledge discovery with the doctor-in-the-loop: A practical example of cerebral aneurysms research. Brain Informatics, 3(3), 133–143.CrossRefGoogle Scholar
  11. Gunning, D. (2017). Explainable artificial intelligence (XAI). In Defense Advanced Research Projects Agency (DARPA), nd Web .Google Scholar
  12. Haerder, T., & Reuter, A. (1983). Principles of transaction-oriented database recovery. ACM Computing Surveys, 15(4), 287–317.MathSciNetCrossRefGoogle Scholar
  13. Holzinger, A. (2016). Interactive machine learning for health informatics: when do we need the human-in-the-loop? Brain Informatics, 3(2), 119–131.CrossRefGoogle Scholar
  14. Holzinger, A., Plass, M., Holzinger, K., Crişan, G. C., Pintea, C.-M., & Palade, V. (2016), Towards interactive machine learning (IML): applying ant colony algorithms to solve the traveling salesman problem with the human-in-the-loop approach. In International Conference on Availability, Reliability, and Security (pp. 81–95). Berlin: Springer.CrossRefGoogle Scholar
  15. Holzinger, A., Plass, M., Kickmeier-Rust, M., Holzinger, K., Crisan, G. C., Pintea, C. M. et al. (2019). Interactive machine learning: Experimental evidence for the human in the algorithmic loop: A case study on ant colony optimization. Applied Intelligence, 49(7), 2401–2414.CrossRefGoogle Scholar
  16. Huth, C. L., Chadwick, D. W., Claycomb, W. R., & You, I. (2013). Guest editorial: A brief overview of data leakage and insider threats. Information Systems Frontiers, 15(1), 1–4.CrossRefGoogle Scholar
  17. Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Guide to integrating forensic techniques into incident response. (No. Special Publication (NIST SP)-800-86).Google Scholar
  18. Kieseberg, P., Malle, B., Frühwirt, P., Weippl, E. R., & Holzinger, A. (2016). A tamper-proof audit and control system for the doctor in the loop. Brain Informatics, 3(4), 269–279.CrossRefGoogle Scholar
  19. Kieseberg, P., Schantl, J., Frühwirt, P., Weippl, E. R., & Holzinger, A. (2015). Witnesses for the doctor in the loop. In International Conference on Brain Informatics and Health (pp. 369–378). Berlin: Springer.CrossRefGoogle Scholar
  20. Kieseberg, P., Schrittwieser, S., Morgan, L., Mulazzani, M., Huber, M., & Weippl, E. (2013). Using the structure of B+ -trees for enhancing logging mechanisms of databases. International Journal of Web Information Systems, 9(1), 53–68.CrossRefGoogle Scholar
  21. Langner, R. (2011). Stuxnet: Dissecting a cyberwarfare weapon. IEEE Symposium on Security and Privacy, 9(3), 49–51.CrossRefGoogle Scholar
  22. Pal, A., & Memon, N. (2009). The evolution of file carving. IEEE Signal Processing Magazine, 26(2), 59–71.CrossRefGoogle Scholar
  23. Pieterse, H., & Olivier, M. S. (2012). Data hiding techniques for database environments. In 8th International Conference on Digital Forensics (DF) (pp. 289–301).Google Scholar
  24. Rogaway, P., & Shrimpton, T. (2004). Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In International Workshop on Fast Software Encryption (pp. 371–388). Berlin: Springer.CrossRefGoogle Scholar
  25. Schneier, B., & Kelsey, J. (1999). Secure audit logs to support computer forensics. ACM Transactions on Information and System Security, 2(2), 159–176.CrossRefGoogle Scholar
  26. Schrittwieser, S., Kieseberg, P., Echizen, I., Wohlgemuth, S., & Sonehara, N. (2011), Using generalization patterns for fingerprinting sets of partially anonymized microdata in the course of disasters. In 2011 Sixth International Conference on Availability, Reliability and Security (pp. 645–649).Google Scholar
  27. Sood, A. K., & Enbody, R. J. (2013). Targeted cyberattacks: A superset of advanced persistent threats. IEEE Security & Privacy, 11(1), 54–61.Google Scholar
  28. Sweeney, L. (2002). k -anonymity: a model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5), 557–570.MathSciNetCrossRefGoogle Scholar
  29. Thonnard, O., Bilge, L., O’Gorman, G., Kiernan, S., & Lee, M. (2012), Industrial espionage and targeted attacks: Understanding the characteristics of an escalating threat. In International Workshop on Recent Advances in Intrusion Detection (pp. 64–85). Berlin: Springer.Google Scholar
  30. Willenborg, L. (1999). Fingerprints in microdata sets. In Joint ECE-Eurostat Work Session on Statistical Data Confidentiality, Thessaloniki.Google Scholar
  31. Willenborg, L. C. R. J., & de Waal, T. (1996). Statistical disclosure control in practice. Berlin: Springer.CrossRefGoogle Scholar
  32. Zaitsev, P. (2009). Innodb architecture and performance optimization. In O’Reilly MySQLConference and Expo.Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.St. Pölten University of Applied SciencesSt. PöltenAustria
  2. 2.Christian Doppler Laboratory for Security and Quality Improvement in the Production System Lifecycle (CDL-SQI), Institute of Information Systems EngineeringTechnische Universität WienViennaAustria
  3. 3.SBA ResearchViennaAustria

Personalised recommendations