Compromising Statistical Databases Responding to Queries about Means.

@article{DBLP:journals/tods/Jonge83,
  author    = {Wiebren de Jonge},
  title     = {Compromising Statistical Databases Responding to Queries about
               Means},
  journal   = {ACM Trans. Database Syst.},
  volume    = {8},
  number    = {1},
  year      = {1983},
  pages     = {60-80},
  ee        = {http://doi.acm.org/10.1145/319830.319834, db/journals/tods/Jonge83.html},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}

Abstract

This paper describes how to compromise a statistical database which only answers queries about arithmetic means for query sets whose cardinality falls in the range [k, N - k], for some k > 0, where N >= 2k is the number of records in the database. The compromise is shown to be easy and to require only a little preknowledge; knowing the cardinality of just one nonempty query set is usually sufficient.

This means that not only count and sum queries, but also queries for arithmetic means can be extremely dangerous for the security of a statistical database, and that this threat must be taken into account explicitly by protective measures. This seems quite important from a practical standpoint: while arithmetic means were known for some time to be not altogether harmless, the (perhaps surprising) extent of the threat is now shown.

Copyright © 1983 by the ACM, Inc., used by permission. Permission to make digital or hard copies is granted provided that copies are not made or distributed for profit or direct commercial advantage, and that copies show this notice on the first page or initial screen of a display along with the full citation.

Joint ACM SIGMOD / IEEE Computer Society Anthology

• Windows: Click the letter of your CD drive
  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
• Mac: Click here
• UNIX/LINUX: mount the CD and click on the path of your mount point:
  /Anthology/An3-1 or /cdrom

• Windows: Click the letter of your CD drive
  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
• Mac: Click here
• UNIX/LINUX: mount the DVD and click on the path of your mount point:
  /Anthology/aDVD2 or /dvd

References

[1]

Francis Y. L. Chin: Security in Statistical Databases for Queries with Small Counts. ACM Trans. Database Syst. 3(1): 92-104(1978) BibTeX

[2]

George I. Davida, David J. Linton, C. Russel Szelag, David L. Wells: Database Security. IEEE Trans. Software Eng. 4(6): 531-533(1978) BibTeX

[3]

...

[4]

Dorothy E. Denning, Jan Schlörer: A Fast Procedure for Finding a Tracker in a Statistical Database. ACM Trans. Database Syst. 5(1): 88-102(1980) BibTeX

[5]

Dorothy E. Denning, Peter J. Denning, Mayer D. Schwartz: The Tracker: A Threat to Statistical Database Security. ACM Trans. Database Syst. 4(1): 76-96(1979) BibTeX

[6]

Richard A. DeMillo, David P. Dobkin, Richard J. Lipton: Even Data Bases That Lie Can Be Compromised. IEEE Trans. Software Eng. 4(1): 73-75(1978) BibTeX

[7]

David P. Dobkin, Anita K. Jones, Richard J. Lipton: Secure Databases: Protection Against User Influence. ACM Trans. Database Syst. 4(1): 97-106(1979) BibTeX

[8]

...

[9]

...

[10]

...

[11]

Jan Schlörer: Disclosure from Statistical Databases: Quantitative Aspects of Trackers. ACM Trans. Database Syst. 5(4): 467-492(1980) BibTeX

[12]

Mayer D. Schwartz, Dorothy E. Denning, Peter J. Denning: Linear Queries in Statistical Databases. ACM Trans. Database Syst. 4(2): 156-167(1979) BibTeX

Referenced by

1. Patrick Tendick, Norman S. Matloff: A Modified Random Perturbation Method for Database Security. ACM Trans. Database Syst. 19(1): 47-63(1994)
2. Nabil R. Adam, John C. Wortmann: Security-Control Methods for Statistical Databases: A Comparative Study. ACM Comput. Surv. 21(4): 515-556(1989)