Interval protection of confidential information in a database

Ram D. Gopal, Paulo B Goes, Robert S. Garfinkel

Research output: Contribution to journalArticle

15 Citations (Scopus)

Abstract

We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

Original languageEnglish (US)
Pages (from-to)309-322
Number of pages14
JournalINFORMS Journal on Computing
Volume10
Issue number3
StatePublished - Jun 1998
Externally publishedYes

Fingerprint

Security of data
Linear programming
Data base
Query
Perturbation
Compromise
Disclosure

Keywords

  • Database
  • Database security
  • Query processing
  • Query restriction
  • Security

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Management Science and Operations Research

Cite this

Interval protection of confidential information in a database. / Gopal, Ram D.; Goes, Paulo B; Garfinkel, Robert S.

In: INFORMS Journal on Computing, Vol. 10, No. 3, 06.1998, p. 309-322.

Research output: Contribution to journalArticle

Gopal, RD, Goes, PB & Garfinkel, RS 1998, 'Interval protection of confidential information in a database', INFORMS Journal on Computing, vol. 10, no. 3, pp. 309-322.
Gopal, Ram D. ; Goes, Paulo B ; Garfinkel, Robert S. / Interval protection of confidential information in a database. In: INFORMS Journal on Computing. 1998 ; Vol. 10, No. 3. pp. 309-322.
@article{749fbc1032914ed985d50bf90ee06f51,
title = "Interval protection of confidential information in a database",
abstract = "We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.",
keywords = "Database, Database security, Query processing, Query restriction, Security",
author = "Gopal, {Ram D.} and Goes, {Paulo B} and Garfinkel, {Robert S.}",
year = "1998",
month = "6",
language = "English (US)",
volume = "10",
pages = "309--322",
journal = "INFORMS Journal on Computing",
issn = "1091-9856",
publisher = "INFORMS Inst.for Operations Res.and the Management Sciences",
number = "3",

}

TY - JOUR

T1 - Interval protection of confidential information in a database

AU - Gopal, Ram D.

AU - Goes, Paulo B

AU - Garfinkel, Robert S.

PY - 1998/6

Y1 - 1998/6

N2 - We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

AB - We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

KW - Database

KW - Database security

KW - Query processing

KW - Query restriction

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=0000328477&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0000328477&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:0000328477

VL - 10

SP - 309

EP - 322

JO - INFORMS Journal on Computing

JF - INFORMS Journal on Computing

SN - 1091-9856

IS - 3

ER -