Abstract
The database server is a crucial bottleneck in traditional inference control architecture, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, can never be implemented in practice for protecting largescale real-world database systems. To shift this paradigm, we propose a new inference control architecture that will entrust inference control to each users platform, provided that the platform is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a users platform to the database server, so as to assure the server that inference control could be enforced as expected. A generic protocol is proposed to formalize the interactions between the users platform and database server. Any existing inference control technique can work with our protocol, for which the security properties are formally proven. Since each user’s platform enforces inference control for its own queries, our solution avoids the bottleneck.
Keywords
- Inference control
- trusted computing
- auditing
- security protocol
Chapter PDF
References
Achugbue, J.O., Chin, F.Y.: The Effectiveness of Output Modification by Rounding for Protection of Statistical Databases. INFOR 17(3), 209–218 (1979)
Adam, N.R., Wortmann, J.C.: Security-Control Methods for Statistical Databases: A Comparative Study. ACM Computing Surveys 21(4), 516–556 (1989)
Beck, L.L.: A Security Mechanism for Statistical Databases. ACM Trans. Database Systems 5(3), 316–338 (1980)
Chen, M., McNamee, L., Melkanoff, M.A.: A Model of Summary Data and Its Applications to Statistical Databases. In: Rafanelli, M., Svensson, P., Klensin, J.C. (eds.) Statistical and Scientific Database Management. LNCS, vol. 339, pp. 354–372. Springer, Heidelberg (1989)
Chin, F.Y.: Security Problems on Inference Control for SUM, MAX, and MIN queries. J. ACM 33, 451–464 (1986)
Chin, F.Y., Kossowski, P., Loh, S.C.: Efficient Inference Control for Range Sum Queries. Theor. Comput. Sci. 32, 77–86 (1984)
Chin, F.Y., Özsoyoglu, G.: Security in Partitioned Dynamic Statistical Databases. In: Proc. IEEE COMPSAC, pp. 594–601. IEEE Computer Society Press, Los Alamitos (1979)
Chin, F.Y., Özsoyoglu, G.: Statistical Database Design. ACM Trans. Dababase Systems 6(1), 113–139 (1981)
Chin, F.Y., Özsoyoglu, G.: Auditing and Inference Control in Statistical Databases. IEEE Trans. Softw. Eng. 6, 574–582 (1982)
Cox, L.H.: Suppression Methodology and Statistical Disclosure Control. J. Am. Stat. Assoc. 75(370), 377–385 (1980)
Cox, L.H., Zayatz, L.V.: An Agenda for Research on Statistical Disclosure Limitation. J. Official Statistics 75, 205–220 (1995)
Delicata, R.: An Analysis of Two Protocols for Conditional Access in Mobile Systems, Technical Report CS-04-13, Department of Computing, University of Surrey (2005)
Denning, D.E.: Cryptography and Data Security. Addison-Wesley, Reading (1982)
Denning, D.E.: Secure Statistical Databases with Random Sample Queries. ACM Trans. Database Systems 5(3), 88–102 (1980)
Denning, D.E.: A Security Model for the Statistical Database Problem. In: Proc. 2nd International Workshop on Management, pp. 1–16 (1983)
Denning, D.E., Denning, P.J., Schwartz, M.D.: The Tracker: A threat to Statistical Database Security. ACM Trans. Database Systems 4(1), 76–96 (1979)
Denning, D.E., Schlörer, J.: Inference Control for Statistical Databases. Computer 16(7), 69–82 (1983)
Dobkin, D., Jones, A.K., Lipton, R.J.: Secure Databases: Protection Against User Influence. ACM Trans. Database Systems 4(1), 97–106 (1979)
Dolve, D., Yao, A.C.: On the Security of Public Key Protocols. IEEE Transactions on Information Technology 29(2), 198–208 (1983)
Erickson, J.S.: Fair use, DRM, and trusted computing. Communications of ACM 46(4), 34–39 (2003)
Farkas, C., Jajodia, S.: The Inference Problem: A Survey. SIGKDD Explorations 4(2), 6–11 (2002)
Fellegi, I.P., Phillips, J.L.: Statistical Confidentiality: Some Theory and Applications to Data Dissemination. Ann. Ec. Soc. Meas. 3(2), 399–409 (1974)
Greenberg, B.G., Abernathy, J.R., Horvitz, D.G.: Application of Randomized Response Technique in Obtaining Quantitative Data. In: Proc. Social Statistics Section, America, Statistical Association, pp. 40-43 (1969)
Hoffman, L.J.: Modern Methods for Computer Security and Privacy. Prentice-Hall, Englewood Cliffs (1977)
Hui, M.L., Lowe, G.: Safe Simplifying Transformations for Security Protocols. In: Proc. 12th Computer Security Foundations Workshop, pp. 32–43 (1999)
Iliev, A., Smith, S.W.: Protecting User Privacy via Trusted Computing at the Server. IEEE Security and Privacy 3(2), 20–28 (2005)
Kleinberg, J., Papadimitriou, C., Raghavan, P.: Auditing Boolean Attributes. In: Proc. 9th ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, pp. 86–91. ACM Press, New York (2000)
LaGrande technology architecture: Intel Developer Forum (2003)
Lefons, D., Silvestri, A., Tangorra, F.: An Analytic Approach to Statistical Databases. In: Proc. 9th Very Large Databases, pp. 260–273 (1983)
Li, Y., Lu, H., Deng, R.H.: Practical Inference Control for Data. In: Proc. IEEE Symposium on Security and Privacy, pp. 115–120. IEEE Computer Society Press, Los Alamitos (2006)
Li, Y., Wang, L., Wang, X.S., Jajodia, S.: Auditing Interval-based Inference. In: Proc. 14th Conference on Advanced Information Systems Engineering, pp. 553–567 (2002)
Liew, C.K., Choi, W.J., Liew, C.J.: A Data Distortion by Probability Distribution. ACM Trans. Database Systems 10(3), 395–411 (1985)
Malvestuto, F.M., Mezzini, M.: Auditing Sum-Queries. In: Proc. International Conference on Database Theory, pp. 504–509 (2003)
Malvestuto, F.M., Moscarini, M.: An Audit Expert for Large Statistical Databases, Statistical Data Protection, EUROSTAT, pp. 29-43 (1999)
Mitchell, C.: Trusted Computing. The Institution of Electrical Engineers, London, UK (2005)
Özsoyoglu, G., Chung, J.: Information Loss in the Lattice Model of Summary Tables Due To Suppression. In: Proc. IEEE Symposium on Security and Privacy, pp. 75–83. IEEE Computer Society Press, Los Alamitos (1986)
Perrig, A., Smith, S.W., Song, D., Tygar, J.D.: SAM: A Flexible and Secure Auction Architecture using Tusted Hardware. eJETA.org: The Electronic Journal for E-Commerce Tools and Applications 1(1) (2002)
Reiss, J.P.: Practical Data Swapping: The First Step. In: Proc. IEEE Symposium on Security and Privacy, pp. 36–44. IEEE Computer Society Press, Los Alamitos (1980)
Sailer, R., Jaeger, T., Zhang, X., van Doorn, L.: Attestation-Based Policy Enforcement for Remote Access. In: Proc. ACM Conference on Computer and Communications Security, pp. 308–317. ACM Press, New York (2004)
Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: USENIX. USENIX Security Symposium, pp. 223–238 (2004)
Sande, G.: Automated Cell Supperssion to Reserve Confidentiality of Business Statistics. In: Proc. 2nd Workshop on Statistical Database Management, pp. 346–353 (1983)
Sandhu, R., Zhang, X.: Peer-to-Peer Access Control Architecture Using Trusted Computing Technology. In: Proc. ACM Symposium on Access Control Models and Technologies, pp. 147–158. ACM Press, New York (2005)
Schlörer, J.: Confidentiality of Statistical Records: A Threat Monitoring Scheme of On-line Dialogue. Methods Inform. Med. 15(1), 36–42 (1976)
Schlörer, J.: Disclosure from Statistical Databases: Quantitative Aspects of Trackers. ACM Trans. Database Systems 5(4), 467–492 (1980)
Schlörer, J.: Information Loss in Partitioned Statistical Databases. Comput. J. 26(3), 218–223 (1983)
Schneider, S.: Verifying Authentication Protocols with CSP. In: Proc. 10th Computer Security Foundation Workshop, pp. 3–17 (1997)
Schneider, S.: Concurrent and Real-time Systems: the CSP Approach. Addison-Wesley, Reading (1999)
Smith, S.W., Safford, D.: Practical Server Privacy Using Secure Coprocessors. IBM Systems Journal (special issue on End-to-End Security) 40, 683–695 (2001)
TCG. TPM Main: Part 1 Design Principles, TCG Specification Ver. 1.2, Revision 62 (2003), http://www.trustedcomputinggroup.org
TCG. TPM Main: Part 2 TPM Data Structure, TCG Specification Ver. 1.2, Revision 62 (2003), http://www.trustedcomputinggroup.org
TCG. TPM Main: Part 3 Commands, TCG Specification Ver. 1.2, Revision 62 (2003), http://www.trustedcomputinggroup.org
Trusted Computing Group (2006), http://www.trustedcomputinggroup.org
Traub, J.F., Yemini, Y., Wozniakowski, H.: The Statistical Security of A Statistical Database. ACM Trans. Database Systems 9(4), 672–679 (1984)
Wang, L., Li, Y., Wijesekera, D., Jajodia, S.: Precisely Answering Multi-dimensional Range Queries without Privacy Breaches. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 100–115. Springer, Heidelberg (2003)
Wang, L., Wijesekera, D., Jajodia, S.: Cardinality-based Inference Control in Sum-only Data Cubes. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 55–71. Springer, Heidelberg (2002)
Warner, S.L.: Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias. J. Am. Stat. Asso. 60(309), 63–69 (1965)
Warner, S.L.: The Linear Randomized Response Model. J. Am. Stat. Asso. 66(336), 884–888 (1971)
Willenborg, L., Waal, T.: Statistical Discolure Control in Practice. Lecture Notes in Statistics, vol. 111. Springer, Heidelberg (1996)
Willenborg, L., Waal, T.: Elements of Statistical Discolure. Lecture Notes in Statistics, vol. 155. Springer, Heidelberg (2000)
Yu, C.T., Chin, F.Y.: A Study on the Protection of Statistical Databases. In: Proc. ACM SIGMOD, pp. 169–181. ACM Press, New York (1977)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Yang, Y., Li, Y., Deng, R.H. (2007). New Paradigm of Inference Control with Trusted Computing. In: Barker, S., Ahn, GJ. (eds) Data and Applications Security XXI. DBSec 2007. Lecture Notes in Computer Science, vol 4602. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73538-0_18
Download citation
DOI: https://doi.org/10.1007/978-3-540-73538-0_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73533-5
Online ISBN: 978-3-540-73538-0
eBook Packages: Computer ScienceComputer Science (R0)