article

Free access

The tracker: a threat to statistical database security

Editors: David K. Hsiao,

Mayer D. Schwartz Authors:

Dorothy E. Denning,

Peter J. DenningAuthors Info & Claims

ACM Transactions on Database Systems (TODS), Volume 4, Issue 1

Pages 76 - 96

https://doi.org/10.1145/320064.320069

Published: 01 March 1979 Publication History

Abstract

The query programs of certain databases report raw statistics for query sets, which are groups of records specified implicitly by a characteristic formula. The raw statistics include query set size and sums of powers of values in the query set. Many users and designers believe that the individual records will remain confidential as long as query programs refuse to report the statistics of query sets which are too small. It is shown that the compromise of small query sets can in fact almost always be accomplished with the help of characteristic formulas called trackers. Schlörer's individual tracker is reviewed; it is derived from known characteristics of a given individual and permits deducing additional characteristics he may have. The general tracker is introduced: It permits calculating statistics for arbitrary query sets, without requiring preknowledge of anything in the database. General trackers always exist if there are enough distinguishable classes of individuals in the database, in which case the trackers have a simple form. Almost all databases have a general tracker, and general trackers are almost always easy to find. Security is not guaranteed by the lack of a general tracker.

References

[1]

ASTRAHAN, M.M., ET AL. System R: Relational approach to database management. ACM Trans. Database Syst. 1, 2 {June 1976), 97-137.

Digital Library

[2]

CHAMBERLIN, D.D., AND BOYCE, R. SEQUEL: A structured English query language. Proc. ACM SIGMOD Workshop on Data Description, Access, and Control, May 1974, pp. 249-264.

Digital Library

[3]

CHIN, F.Y. Security in statistical data bases for queries with small counts. ACM Trans. Database Syst. 3, 1 (March 1978), 92-I04.

Digital Library

[4]

DOBKIN, D., JONES, A.K., AND LIPTON, R.J. Secure databases: Protection against user inference. Res. Rep. No. 65, Dept. Comptr. Sci., Yale U, New Haven, Conn., April 1976. To appear in ACM Trans. Database Syst.

Digital Library

[5]

FELLE6{, I.P. On the question of statistical confidentiality. J. Amer. Statist. Assoc. 67, 337 (March 1972), 7-18.

[6]

FELLEGI, I.P., AND PHILLIPS, J. L. Statistical confidentiality: Some theory and applications to data dissemination. Annals Econ. Soc'l Measurement 3, 2 (April 1974), 399-409.

[7]

GAREY, M.R., AND JOHNSON, D. S. Strong NP-completeness results: Motivation, examples, and implications. J. ACM 25, 3(July I978), 499-508.

Digital Library

[8]

HANSEN, M.H. Insuring confidentiality of individual records in data storage and retrieval for statistical purposes. Proc. AFIPS 1971 FJCC, Vol. 39, AFIPS Press, Montvale, N.J., pp. 579-585.

[9]

HAQ, M.I. Security in a statistical data base. Proc. Amer. Soc. Inform. Sci. 11 (1974), 33-39.

[10]

HOFFMAN, L.J., AND MILLER, W.F. Getting a personal dossier from a statistical data bank. Datamation16, 5 (May 1970), 74-75.

[11]

KAM, J.B., AND ULLMAN, J.D. A model of statistical databases and their security. ACM Trans. Database Syst. 2, 1 (March 1977), 1-10.

Digital Library

[12]

NARGUNDKAR, M.S., AND SAVELAND, W. Random rounding to prevent statistical disclosure. Proc. Amer. Statist. Assoc., Soc. Statistics Sect. (1972), 382-385.

[13]

PALME, J. Software security. Datamation 20, 1 (Jan. 1974), 51-55.

[14]

SCHLORER, J. Identification and retrieval of personal records from a statistical data bank. Methods of Inform. in Medicine 14, 1 (Jan. 1975), 7-I3.

[15]

SCHLORZR, J. Confidentiality of statistical records: A threat monitoring scheme for on-line dialogue. Methods of Inform. in Medicine 15, 1 (Jan. 1976), 36-42.

[16]

SCHLORER, J. Union tracker and open statistical databases. Rep. TB-IMSD 1/78, Institut ftir Medizinische Statistik und Dokumentation, Universi~t Giessen, June 1978.

[17]

SCHWARTZ, M.D. Inference from statistic,al data bases. Ph.D. Th., Dept. Comptr. Sci., Purdue U., W. Lafayette, Ind., Aug. 1977.

Digital Library

[18]

SCHWARTZ, M.D., DENNING, D.E., AND DENNING, P.J. Linear queries in statistical data bases. TR-216, Dept. Comptr. Sci., Purdue, U., W. Lafayette, Ind., Nov. 1976. To appear in ACM Trans. Database Syst.

Digital Library

[19]

SCHWARTZ, M.D., DENNING, D.E., AND DENNING, P.J. Securing data bases under linear queries. Information Processing 77, North-Holland Pub. Co., Amsterdam, 1977, pp. 395-398.

[20]

STONEBRAKER, M., WONG, E., KREPS, P., AND HELD, G. The design and implementation of INGRES. ACM Trans. Database Syst. i, 3 {Sept. 1976}, 189-222.

Digital Library

[21]

Yu, C.T., AND CHIN, F.Y. A study on the protection of statistical data bases. ACM SIGMOD Conf. Manage. of Data, Toronto, Canada, Aug. 1977, pp. 169-181.

Digital Library

[22]

WEIDE, B. A survey of analysis techniques for discrete algorithms. Cornptng. Surveys 9, 4 (Dec. 1977), 291-313.

Digital Library

Cited By

Tan CYang K(2024)Privacy-preserving adaptive traffic signal control in a connected vehicle environmentTransportation Research Part C: Emerging Technologies10.1016/j.trc.2023.104453158(104453)Online publication date: Jan-2024
https://doi.org/10.1016/j.trc.2023.104453
Manchini COspina RLeiva VMartin-Barreiro C(2023)A new approach to data differential privacy based on regression models under heteroscedasticity with applications to machine learning repository dataInformation Sciences10.1016/j.ins.2022.10.076627(280-300)Online publication date: May-2023
https://doi.org/10.1016/j.ins.2022.10.076
Osborn SServos DShermin M(2023)Issues in Access Control and Privacy for Big DataGranular, Fuzzy, and Soft Computing10.1007/978-1-0716-2628-3_752(615-623)Online publication date: 30-Mar-2023
https://doi.org/10.1007/978-1-0716-2628-3_752
Show More Cited By

Index Terms

The tracker: a threat to statistical database security

Recommendations

A fast procedure for finding a tracker in a statistical database

To avoid trivial compromises, most on-line statistical databases refuse to answer queries for statistics about small subgroups. Previous research discovered a powerful snooping tool, the tracker, with which the answers to these unanswerable queries are ...
Security of statistical databases: multidimensional transformation

Statistical evaluation of databases which contain personal records may entail risks for the confidentiality of the individual records. The risk has increased with the availability of flexible interactive evaluation programs which permit the use of ...
Secure statistical databases with random sample queries

A new inference control, called random sample queries, is proposed for safeguarding confidential data in on-line statistical databases. The random sample queries control deals directly with the basic principle of compromise by making it impossible for a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Database Systems

ACM Transactions on Database Systems Volume 4, Issue 1

March 1979

131 pages

ISSN:0362-5915

EISSN:1557-4644

DOI:10.1145/320064

Editor:
David K. Hsiao
Ohio State Univ., Columbus

Issue’s Table of Contents

Copyright © 1979 ACM.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 March 1979

Published in TODS Volume 4, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

157
Total Citations
View Citations
2,617
Total Downloads

Downloads (Last 12 months)379
Downloads (Last 6 weeks)23

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Tan CYang K(2024)Privacy-preserving adaptive traffic signal control in a connected vehicle environmentTransportation Research Part C: Emerging Technologies10.1016/j.trc.2023.104453158(104453)Online publication date: Jan-2024
https://doi.org/10.1016/j.trc.2023.104453
Manchini COspina RLeiva VMartin-Barreiro C(2023)A new approach to data differential privacy based on regression models under heteroscedasticity with applications to machine learning repository dataInformation Sciences10.1016/j.ins.2022.10.076627(280-300)Online publication date: May-2023
https://doi.org/10.1016/j.ins.2022.10.076
Osborn SServos DShermin M(2023)Issues in Access Control and Privacy for Big DataGranular, Fuzzy, and Soft Computing10.1007/978-1-0716-2628-3_752(615-623)Online publication date: 30-Mar-2023
https://doi.org/10.1007/978-1-0716-2628-3_752
Cretu AHoussiau FCully Ade Montjoye YYin HStavrou ACremers CShi E(2022)QuerySnoutProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3560581(623-637)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3560581
Nussbaum ESegal M(2022)Privacy Analysis of Query-Set-Size ControlACM Transactions on Privacy and Security10.1145/353277425:4(1-19)Online publication date: 9-Jul-2022
https://dl.acm.org/doi/10.1145/3532774
Sivakumar JMalik MRajasekaran A(2022)Integrity Auditing for Secure Cloud Storage on Sensitive Data Protection2022 IEEE 2nd International Conference on Mobile Networks and Wireless Communications (ICMNWC)10.1109/ICMNWC56175.2022.10031918(1-6)Online publication date: 2-Dec-2022
https://doi.org/10.1109/ICMNWC56175.2022.10031918
Noury AAmini M(2022)An access and inference control model for time series databasesFuture Generation Computer Systems10.1016/j.future.2018.09.05792:C(93-108)Online publication date: 15-Apr-2022
https://dl.acm.org/doi/10.1016/j.future.2018.09.057
Osborn SServos DShermin M(2021)Issues in Access Control and Privacy for Big DataEncyclopedia of Complexity and Systems Science10.1007/978-3-642-27737-5_752-1(1-9)Online publication date: 12-Aug-2021
https://doi.org/10.1007/978-3-642-27737-5_752-1
Anderson R(2020)BibliographySecurity Engineering10.1002/9781119644682.biblio(1061-1141)Online publication date: 2-Dec-2020
https://doi.org/10.1002/9781119644682.biblio
Deng XMirkovic J(2017)Commoner Privacy And A Study On Network TracesProceedings of the 33rd Annual Computer Security Applications Conference10.1145/3134600.3134602(566-576)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3134600.3134602
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents