J. F. Traub
Abstract
This note proposes a statistical perturbation scheme to protect a statistical database against compromise. The proposed scheme can handle the security of numerical as well as nonnumerical sensitive fields. Furthermore, knowledge of some records in a database does not help to compromise unknown records. We use Chebyshev's inequality to analyze the trade-offs among the magnitude of the perturbations, the error incurred by statistical queries, and the size of the query set to which they apply. We show that if the statistician is given absolute error guarantees, then a compromise is possible, but the cost is made exponential in the size of the database.
- 1 BECK, L. A security mechanism for statistical databases. ACM Trans. Database Syst., 5, 1 (1980). Google Scholar
Digital Library
- 2 CONWAY, R., AND STRIP, D. Selective partial access to a database. In Proceedings ACM National Conference (Oct. 1976), 85-89. Google ScholarDigital Library
- 3 DENNING, D.E., DENNING, P.J., AND SCHWARTZ, M.D. The tracker: A threat to statistical database security. ACM Trans. Database Syst. 4 (1979), 76-96. Google ScholarDigital Library
- 4 DOBKIN, D., JONES, A.K., AND LIPTON, R. Secure databases: Protection against user influence. ACM Trans. Database Syst. 4 (1979), 97-106. Google ScholarDigital Library
- 5 FELLEGI, I.P., AND PHILLIPS, J.L. Statistical confidentiality: Some theory and applications to data dissemination. Ann. Econ. Sot. Measure (1974), 399-409.Google Scholar
- 6 HAMMING, R.W. Coding and Information Theory. Prentice-Hall, Englewood Cliffs, N.J., 1980. Google ScholarDigital Library
- 7 KNUTH, D.E. The Art of Computer Programming. Vol. 1. Addison-Wesley, Reading, Mass., 1973. Google ScholarDigital Library
- 8 SCHLORER, J. Disclosure from statistical databases: Quantitative aspects of trackers. ACM Trans. Database Syst. 5 (1980), 467-492. Google ScholarDigital Library
- 9 ULLMAN, J.D. Principles of Database Systems. Computer Science Press, Rockville, Md., 1980. Google ScholarDigital Library
- 10 WARNER, S.L. The linear randomized response model. J. Am. Stat. Assoc. 66 (1971),884-888.Google ScholarCross Ref
Index Terms
- The statistical security of a statistical database
Recommendations
A security machanism for statistical database
The problem of user inference in statistical databases is discussed and illustrated with several examples. It is assumed that the database allows “total,” “average,” “count,” and “percentile” queries; a query may refer to any arbitrary subset of the ...
Statistical relational tables for statistical database management
This paper extends Codd's relational view to represent statistical data and to achieve the efficient analysis of statistical data. It discusses why the relational calculus has not been popular with statisticians. A new view called a statistical ...
Revisiting the Security of Biometric Authentication Systems Against Statistical Attacks
The uniqueness of behavioral biometrics (e.g., voice or keystroke patterns) has been challenged by recent works. Statistical attacks have been proposed that infer general population statistics and target behavioral biometrics against a particular victim. ...
Comments