article

Auditing Boolean attributes

Authors:

Christos Papadimitriou,

Prabhakar RaghavanAuthors Info & Claims

Journal of Computer and System Sciences, Volume 66, Issue 1

Pages 244 - 253

https://doi.org/10.1016/S0022-0000(02)00036-3

Published: 01 February 2003 Publication History

Abstract

We study the problem of auditing databases which support statistical sum queries to protect the security of sensitive information; we focus on the special case in which the sensitive information is Boolean. Principles and techniques developed for the security of statistical databases in the case of continuous attributes do not apply here. We prove certain strong complexity results suggesting that there is no general efficient solution for the auditing problem in this case. We propose two efficient algorithms: The first is applicable when the sum queries are one-dimensional range queries (we prove that the problem is NP-hard even in the two-dimensional case). The second is an approximate algorithm that maintains security, although it may be too restrictive. Finally, we consider a "dual" variant, with continuous data but an aggregate function that is combinatorial in nature. Specifically, we provide algorithms for two natural definitions of the auditing condition when the aggregate function is MAX.

References

[1]

{1} N. Adam, J. Wortman, Security-control methods for statistical databases: a comparative study, ACM Comput. Surveys 21 (4) (1989) 515-556.

Digital Library

[2]

{2} L. Beck, A security mechanism for statistical databases, ACM TODS 5 (3) (1980) 316-338.

Digital Library

[3]

{3} F. Chin, Security in statistical databases for queries with small counts, ACM TODS 3 (1) (1978) 92-104.

Digital Library

[4]

{4} F. Chin, G. Ösoyoglu, Statistical database design, ACM TODS 6 (1) (1981) 113-139.

Digital Library

[5]

{5} F. Chin, G. Ösoyoglu, Auditing and inference control in statistical databases, IEEE SE-8 1 (1982) 574-582.

[6]

{6} F. Chin, G. Ösoyoglu, Security in partitioned dynamic statistical databases, Proceedings of IEEE COMPSAC, Chicago, 1979, pp. 594-601.

[7]

{7} T. Cormen, C. Leiserson, R. Rivest, Introduction to Algorithms, McGraw-Hill, Boston, 1990.

Digital Library

[8]

{8} T. Dalenius, A simple procedure for controlled rounding, Statistik Tidsktift 3 (1981) 202-208.

[9]

{9} D. Dobkin, A. Jones, R. Lipton, Secure databases: protection against user influence, ACM TODS 4 (1) (1979) 97-106.

Digital Library

[10]

{10} A. Friedman, L. Hoffman, Towards a fail-safe approach to security and privacy, Proceedings of IEEE Symposium on Security and Privacy, Oakland, CA, 1980.

[11]

{11} C. Liew, W. Choi, C. Liew, Data distortion by probability distribution, ACM TODS 10 (3) (1985) 395-411.

Digital Library

[12]

{12} G. Ösoyoglu, F. Chin, Enhancing the security of statistical databases with a question-answering system and a kernel, IEEE SE-8 3 (1982) 223-234.

[13]

{13} S. Reiss, Practical data swapping: the first steps, ACM TODS 9 (1) (1984) 20-37.

Digital Library

[14]

{14} N. Rowe, Diophantine inference from statistical aggregates on few-valued attributes, Proceedings of IEEE Conference on Data Engineering, Los Angeles, CA, 1984, pp. 107-110.

Digital Library

[15]

{15} A. Schrijver, Theory of Linear and Integer Programming, Wiley, New York, 1986.

Digital Library

[16]

{16} J. Traub, Y. Yemini, H. Wozniakowksi, The statistical security of a statistical database, ACM TODS 9 (4) (1984) 672-479.

Digital Library

Cited By

Cretu AHoussiau FCully Ade Montjoye YYin HStavrou ACremers CShi E(2022)QuerySnoutProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560581(623-637)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560581
Naghizadeh PSinha AKarlin AImmorlica NJohari R(2019)Adversarial Contract Design for Private Data CommercializationProceedings of the 2019 ACM Conference on Economics and Computation10.1145/3328526.3329633(681-699)Online publication date: 17-Jun-2019
https://dl.acm.org/doi/10.1145/3328526.3329633
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2736028.273603027:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2736028.2736030
Show More Cited By

Index Terms

Auditing Boolean attributes

Recommendations

Auditing Boolean attributes
PODS '00: Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems

We study the problem of auditing databases which support statistical sum queries to protect the security of sensitive information; we focus on the special case in which the sensitive information is Boolean. Principles and techniques developed for the ...
Computational complexity of auditing finite attributes in statistical databases

We study the computational complexity of auditing finite attributes in databases allowing statistical queries. Given a database that supports statistical queries, the auditing problem is to check whether an attribute can be completely determined or not ...
The Boolean isomorphism problem
FOCS '96: Proceedings of the 37th Annual Symposium on Foundations of Computer Science

We investigate the computational complexity of the Boolean isomorphism problem (BI): on input of two Boolean formulas F and G decide whether there exists a permutation of the variables of G such that F and G become equivalent. Our main result is a one-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Computer and System Sciences

Journal of Computer and System Sciences Volume 66, Issue 1

Special issue on PODS 2000

01 February 2003

291 pages

ISSN:0022-0000

Issue’s Table of Contents

Publisher

Academic Press, Inc.

United States

Publication History

Published: 01 February 2003

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

30
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Cretu AHoussiau FCully Ade Montjoye YYin HStavrou ACremers CShi E(2022)QuerySnoutProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560581(623-637)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560581
Naghizadeh PSinha AKarlin AImmorlica NJohari R(2019)Adversarial Contract Design for Private Data CommercializationProceedings of the 2019 ACM Conference on Economics and Computation10.1145/3328526.3329633(681-699)Online publication date: 17-Jun-2019
https://dl.acm.org/doi/10.1145/3328526.3329633
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2736028.273603027:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2736028.2736030
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2735998.273600027:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2735998.2736000
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2725966.272596827:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2725966.2725968
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2725954.272595627:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2725954.2725956
(2015)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2700896.270089827:1(20-34)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.5555/2700896.2700898
Yang JLi JNiu Y(2015)A hybrid solution for privacy preserving medical data sharing in the cloud environmentFuture Generation Computer Systems10.1016/j.future.2014.06.00443:C(74-86)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1016/j.future.2014.06.004
(2014)Statistical Database Auditing Without Query Denial ThreatINFORMS Journal on Computing10.5555/2700137.2700138(1-15)Online publication date: 1-Sep-2014
https://dl.acm.org/doi/10.5555/2700137.2700138
Tassa TMazza AGionis A(2012)k-ConcealmentTransactions on Data Privacy10.5555/2207141.22071425:1(189-222)Online publication date: 1-Apr-2012
https://dl.acm.org/doi/10.5555/2207141.2207142
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents