Abstract
In this paper we study the feasibility of auditing interval-based inference. Sensitive information about individuals is said to be compromised if an accurate enough interval, called inference interval, is obtained into which the value of the sensitive information must fall. Compared with auditing exact inference that is traditionally studied, auditing interval-based inference is more complicated. Existing auditing methods such as audit expert do not apply to this case. Our result shows that it is intractable to audit interval-based inference for bounded integer values; while for bounded real values, the auditing problem is polynomial yet involves complicated computation of mathematical programming. To further examine the practicability of auditing interval-based inference, we classify various auditing methods into three categories: exact auditing, optimistic auditing, and pessimistic auditing. We analyze the trade-offs that can be achieved by these methods among various auditing objectives: inference security, database usability, and auditing complexity.
This work was partially supported by the National Science Foundation under grant CCR-0113515.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
N.R. Adam and J.C. Wortmann. Security-control methods for statistical databases: a comparative study. ACM Computing Surveys, 21(4):515–556, 1989.
L.L. Beck. A security mechanism for statistical databases. ACM Trans. on Database Systems, 5(3):316–338, 1980.
A. Brodsky, C. Farkas, and S. Jajodia. Secure databases: Constraints, inference channels, and monitoring disclosures. IEEE Trans. Knowledge and Data Engineering, 12(6):900–919, 2000.
A. Brodsky, C. Farkas, D. Wijesekera, and X.S. Wang. Constraints, inference channels and secure databases. In the 6th International Conference on Principles and Practice of Constraint Programming, pages 98–113, 2000.
F.Y. Chin, P. Kossowski, and S.C. Loh. Efficient inference control for range sum queries. Theoretical Computer Science, 32:77–86, 1984.
F.Y. Chin and G. Özsoyoglu. Security in partitioned dynamic statistical databases. In Proc. of IEEE COMPSAC, pages 594–601, 1979.
F.Y. Chin and G. Özsoyoglu. Statistical database design. ACM Trans. on Database Systems, 6(1):113–139, 1981.
F.Y. Chin and G. Özsoyoglu. Auditing and inference control in statistical databases. IEEE Trans. on Software Engineering, 8(6):574–582, 1982.
L.H. Cox. Suppression methodology and statistical disclosure control. Journal of American Statistic Association, 75(370):377–385, 1980.
D.E. Denning. Are statistical data bases secure? In AFIPS conference proceedings, volume 47, pages 199–204, 1978.
D.E. Denning. Secure statistical databases with random sample queries. ACM Trans. on Database Systems, 5(3):291–315, 1980.
D.E. Denning and P.J. Denning. Data security. ACM computing surveys, 11(3):227–249, 1979.
D.E. Denning, P.J. Denning, and M.D. Schwartz. The tracker: A threat to statistical database security. ACM Trans. on Database Systems, 4(1):76–96, 1979.
D.E. Denning and J. Schlörer. Inference controls for statistical databases. IEEE Computer, 16(7):69–82, 1983.
D. Dobkin, A.K. Jones, and R.J. Lipton. Secure databases: protection against user influence. ACM Trans. on Database Systems, 4(1):97–106, 1979.
J. Domingo-Ferrer and J. M. Mateo-Sanz. Practical data-oriented microaggregation for statistical disclosure control. IEEE Trans. Knowledge and Data Engineering (to appear).
L.P. Fellegi. On the qestion of statistical confidentiality. Journal of American Statistic Association, 67(337):7–18, 1972.
R. Fourer. Linear programming frequently asked questions. Optimization Technology Center of Northwestern University and Argonne National Laboratory, 2001. http://www-unix.mcs.anl.gov/otc/Guide/faq/linear-programming-faq.html.
J.P. Ignizio and T.M. Cavalier. Linear Programming. Prentice Hall, 1994.
J. Kleinberg, C. Papadimitriou, and P. Raghavan. Auditing boolean attributes. In Proc. of the 9th ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, pages 86–91, 2000.
Y. Li, L. Wang, and S. Jajodia. Preventing interval-based inference by random data perturbation. In Workshop on Privacy Enhancing Technologies (to appear).
Y. Li, S. Zhu, L. Wang, and S. Jajodia. A privacy-enhanced microaggregation method. In Proc. of the 2nd International Symposium on Foundations of Information and Knowledge Systems, pages 148–159, 2002.
F.M. Malvestuto and M. Moscarini. Computational issues connected with the protection of sensetive statistics by auditing sum-queries. In Proc. of IEEE Scientific and Statistical Database Management, pages 134–144, 1998.
M.A. Palley. Security of statistical databases compromise through attribute correlational modeling. In Proc. of IEEE Conference on Data Engineering, pages 67–74, 1986.
J. Schlörer. Security of statistical databases: multidimensional transformation. ACM Trans. on Database Systems, 6(1):95–112, 1981.
A. Schrijver. Theory of Linear and Integer Programming. Wiley, 1986.
J.F. Traub, Y. Yemini, and H. Woźnaikowski. The statistical security of a statistical database. ACM Trans. on Database Systems, 9(4):672–679, 1984.
S.L. Warner. A survey technique for eliminating evasive answer bias. Journal of American Statistic Association, 60(309):63–69, 1965.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Y., Wang, L., Wang, X.S., Jajodia, S. (2002). Auditing Interval-Based Inference. In: Pidduck, A.B., Ozsu, M.T., Mylopoulos, J., Woo, C.C. (eds) Advanced Information Systems Engineering. CAiSE 2002. Lecture Notes in Computer Science, vol 2348. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47961-9_38
Download citation
DOI: https://doi.org/10.1007/3-540-47961-9_38
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43738-3
Online ISBN: 978-3-540-47961-1
eBook Packages: Springer Book Archive