A brief overview of basic inference attacks and protection controls for statistical databases
Journal Title: Computer Science and Mathematical Modelling - Year 2016, Vol 0, Issue 4
Abstract
With cyber-attacks on the dramatic rise in the recent years, the number of entities which realize the necessity of protecting their IT assets increases. Individuals are more aware of the potential threats and demand high level of security from the business entities having access to their personal and private data. Such entities have legal obligations to satisfy the confidentiality when processing sensitive data, but many fails to do so. Keeping the statistical data private is a challenge as the approach to the security breaches slightly differs from the classical understanding of data disclosure attacks. The statistical disclosure can be achieved using inference attacks on the not-effectively protected assets. Such attacks do not target the database access itself, i.e. are performed from a perspective of an internal user, but the statistical interface used to retrieve the statistical data from the database records. This paper sums up basic types of inference attacks classifying them in the CVSS standard and provides a series of fundamental countermeasures which can be undertaken to mitigate the risk of performing successful attack.
Authors and Affiliations
Olga Dzięgielewska, Bolesław Szafrański
Keywords
Related Articles
- EP ID EP188108
- DOI -
- Views 123
- Downloads 0
The optimization of SQL queries by means of drawing up query diagrams
A poorly performing database application not only costs users time, but also has an impact on other applications running on the same computer or the same network. The best method to manage with this problem is performing...
Modelowanie wymagań w metodach Agile z wykorzystaniem X-Machines
Popyt na bardziej złożone, ale również bardziej wiarygodne i prawidłowe systemy z jednej strony, oraz fakt, że klika zmian w wymaganiach użytkownika w trakcie cyklu rozwoju oprogramowania z drugiej strony, prowadzi do ko...
Analiza możliwości modelowania specyfiki zachowań giełdowych inwestorów masowych
W artykule przedstawiono różne metody modelowania zachowań giełdowych inwestorów masowych. Dokonano analizy możliwości wykorzystania podejść związanych z teorią oczekiwanej użyteczności, teorią perspektyw, z teorią gier...
Data Warehouse In Knowledge Management System
In this study has been characterized as the use of data warehouse in knowledge management systems. In the first part those systems are characterized. In details are characterized: evident and implicit knowledge, manner o...
Data Warehouse In Knowledge Management System – solution model
In this study has been characterized as the use of selected implementation tools to design a data warehouse (SAS Institute) in system supporting knowledge management. In the first part, these tools are listed and briefly...