DocumentCode
449920
Title
New Approaches to Disclosure Limitation While Answering Queries to a Database: Protecting Numerical Confidential Data against Insider Threat Based on Data or Algorithms
Author
Garfinkel, Robert ; Gopal, Ram ; Rice, Daniel
Author_Institution
University of Connecticut
Volume
6
fYear
2006
fDate
04-07 Jan. 2006
Abstract
Confidentiality via Camouflage (CVC) is a practical method for giving unlimited, correct, numerical responses to ad-hoc queries to an on-line database, while not compromising confidential numerical data . Responses are in the form of intervals that are guaranteed to contain the exact answer. Virtually any imaginable query type can be answered and although sharing of query answers among users presents no problem, the threat of insider information is real. In this work we identify two distinct types of insider information, depending on whether the knowledge is of data in the confidential field or of the algorithmic process that is used to answer queries. We show that different realizations of CVC can protect against one type of insider threat or the other, while a combination of realizations can be used if the database administrator is not able to specify the type of threat that is present. Various strategies for dealing with cases where a user poses both types of threats are also presented. Computational experience relates the degradation of answer intervals that can be expected based on the type of threat that is protected against and indicates that, in general, algorithmic threat causes the greatest degradation.
Keywords
Data security; Degradation; Educational institutions; Image databases; Protection; Waste materials;
fLanguage
English
Publisher
ieee
Conference_Titel
System Sciences, 2006. HICSS '06. Proceedings of the 39th Annual Hawaii International Conference on
ISSN
1530-1605
Print_ISBN
0-7695-2507-5
Type
conf
DOI
10.1109/HICSS.2006.359
Filename
1579541
Link To Document