Interval protection of confidential information in a database

Ram D. Gopal; Paulo B. Goes; Robert S. Garfinkel

doi:10.1287/ijoc.10.3.309

Interval protection of confidential information in a database

Ram D. Gopal, Paulo B. Goes, Robert S. Garfinkel

Management Information Systems

Research output: Contribution to journal › Article › peer-review

17 Scopus citations

Abstract

We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

Original language	English (US)
Pages (from-to)	309-322
Number of pages	14
Journal	INFORMS Journal on Computing
Volume	10
Issue number	3
DOIs	https://doi.org/10.1287/ijoc.10.3.309
State	Published - 1998

Keywords

Database
Database security
Query processing
Query restriction
Security

ASJC Scopus subject areas

Software
Information Systems
Computer Science Applications
Management Science and Operations Research

Access to Document

10.1287/ijoc.10.3.309

Cite this

@article{749fbc1032914ed985d50bf90ee06f51,

title = "Interval protection of confidential information in a database",

abstract = "We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.",

keywords = "Database, Database security, Query processing, Query restriction, Security",

author = "Gopal, {Ram D.} and Goes, {Paulo B.} and Garfinkel, {Robert S.}",

year = "1998",

doi = "10.1287/ijoc.10.3.309",

language = "English (US)",

volume = "10",

pages = "309--322",

journal = "INFORMS Journal on Computing",

issn = "1091-9856",

publisher = "INFORMS Institute for Operations Research and the Management Sciences",

number = "3",

}

TY - JOUR

T1 - Interval protection of confidential information in a database

AU - Gopal, Ram D.

AU - Goes, Paulo B.

AU - Garfinkel, Robert S.

PY - 1998

Y1 - 1998

N2 - We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

AB - We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that It is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.

KW - Database

KW - Database security

KW - Query processing

KW - Query restriction

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=0000328477&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0000328477&partnerID=8YFLogxK

U2 - 10.1287/ijoc.10.3.309

DO - 10.1287/ijoc.10.3.309

M3 - Article

AN - SCOPUS:0000328477

SN - 1091-9856

VL - 10

SP - 309

EP - 322

JO - INFORMS Journal on Computing

JF - INFORMS Journal on Computing

IS - 3

ER -

Interval protection of confidential information in a database

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this