A brief overview of basic inference attacks and protection controls for statistical databases
Journal Title: Computer Science and Mathematical Modelling - Year 2016, Vol 0, Issue 4
Abstract
With cyber-attacks on the dramatic rise in the recent years, the number of entities which realize the necessity of protecting their IT assets increases. Individuals are more aware of the potential threats and demand high level of security from the business entities having access to their personal and private data. Such entities have legal obligations to satisfy the confidentiality when processing sensitive data, but many fails to do so. Keeping the statistical data private is a challenge as the approach to the security breaches slightly differs from the classical understanding of data disclosure attacks. The statistical disclosure can be achieved using inference attacks on the not-effectively protected assets. Such attacks do not target the database access itself, i.e. are performed from a perspective of an internal user, but the statistical interface used to retrieve the statistical data from the database records. This paper sums up basic types of inference attacks classifying them in the CVSS standard and provides a series of fundamental countermeasures which can be undertaken to mitigate the risk of performing successful attack.
Authors and Affiliations
Olga Dzięgielewska, Bolesław Szafrański
Keywords
Related Articles
- EP ID EP188108
- DOI -
- Views 89
- Downloads 0
A method of road traffic analysis based on the behavior of cell phone users
In this paper a possibility to use data describing mobile phone users’ behavior to derive road traffic information is investigated. The formal models of location data, road (as a simple polygonal chain) and its coverage...
Do Networks Control the World? From Euler to Barabasi
In the paper problem of multi-applications of graph and networks theory models and methods is considered. The paper is especially focused on specific features of real networks. Analysis methods of these networks, their p...
Analiza możliwości modelowania specyfiki zachowań giełdowych inwestorów masowych
W artykule przedstawiono różne metody modelowania zachowań giełdowych inwestorów masowych. Dokonano analizy możliwości wykorzystania podejść związanych z teorią oczekiwanej użyteczności, teorią perspektyw, z teorią gier...
Modeling Complex Network with Small World and Scale Free features
The paper deals with research of complex networks displaying the, so called, Small World and Scale Free features, which make them accurate models of many real networks A Small World network is a type of graph in which mo...
Inżynieria wymagań w metodach Agile
„Zwinne” wytwarzanie oprogramowania (Agile Software Development) stało się bardzo popularne na przestrzeni kilku ostatnich lat. Metody Agile zostały wymyślone w celu szybszego dostarczenia działającego oprogramowania do...