Sciweavers

SIGMOD
2004
ACM

A Formal Analysis of Information Disclosure in Data Exchange

14 years 11 months ago
A Formal Analysis of Information Disclosure in Data Exchange
We perform a theoretical study of the following queryview security problem: given a view V to be published, does V logically disclose information about a confidential query S? The problem is motivated by the need to manage the risk of unintended information disclosure in today's world of universal data exchange. We present a novel information-theoretic standard for query-view security. This criterion can be used to provide a precise analysis of information disclosure for a host of data exchange scenarios, including multi-party collusion and the use of outside knowledge by an adversary trying to learn privileged facts about the database. We prove a number of theoretical results for deciding security according to this standard. We also generalize our security criterion to account for prior knowledge a user or adversary may possess, and introduce techniques for measuring the magnitude of partial disclosures. We believe these results can be a foundation for practical efforts to secur...
Gerome Miklau, Dan Suciu
Added 08 Dec 2009
Updated 08 Dec 2009
Type Conference
Year 2004
Where SIGMOD
Authors Gerome Miklau, Dan Suciu
Comments (0)