This chapter is a survey of query auditing techniques for detecting and preventing disclosures in a database containing private data. Informally, auditing is the process of examining past actions to check whether they were in conformance with official policies. In the context of database systems with specific data disclosure policies, auditing is the process of examining queries that were answered in the past to determine whether answers to these queries could have been used by an individual to ascertain confidential information forbidden by the disclosure policies. Techniques used for detecting disclosures could potentially also be used or extended to prevent disclosures, and so in addition to the retroactive auditing mentioned above, researchers have also studied an online variant of the auditing problem wherein the task of an online auditor is to deny queries that could potentially cause a breach of privacy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
N. Adam and J. Wortmann. Security-control methods for statistical databases: a comparative study. ACM Computing Surveys, 21(4):515–556, 1989.
R. Agrawal, R. Bayardo, C. Faloutsos, J. Kieman, R. Rantzau, and R. Srikant. Auditing Compliance with a Hippocratic Database. In Proceedings of the International Conference on Very Large Databases (VLDB), 2004.
D. Applegate and R. Kannan. Sampling and integration of near log-concave functions. In Proceedings of the ACM Symposium on Theory of Computing (STOC), pages 156–163, 1991.
F. Chin. Security Problems on Inference Control for SUM, MAX, and MIN Queries. J. ACM, 33(3):451–464, 1986.
N. Dalvi, G. Miklau, and D. Suciu. Asymptotic Conditional Probabilities for Conjunctive Queries. In Proceedings of the International Conference on Database Theory (ICDT), 2007.
D. Dobkin, A. Jones, and R. Lipton. Secure Databases: Protection against User Influence. ACM Transactions on Database Systems (TODS), 4(1):97–106, 1979.
A. Frieze and R. Kannan. Log-sobolev inequalities and sampling from log-concave distributions. Annals of Applied Probability, 9(1):14–26, February 1999.
J. Kam and J. Ullman. A model of statistical databases and their security. ACM Transactions on Database Systems (TODS), 2(1):1–10, 1977.
R. Kannan, L. Lovasz, and M. Simonovits. Random walks and an O ∗(n 5) volume algorithm for convex bodies. Random Structures and Algorithms, 11, 1997.
K. Kenthapadi. Models and Algorithms for Data Privacy. Ph.D. Thesis, Computer Science Department, Stanford University, 2006.
K. Kenthapadi, N. Mishra, and K. Nissim. Simulatable Auditing. In Proceedings of the ACM Symposium on Principles of Database Systems (PODS), pages 118–127, 2005.
J. Kleinberg, C. Papadimitriou, and P. Raghavan. Auditing Boolean Attributes. Journal of Computer and System Sciences, 6:244–253, 2003.
L. Lovasz and S. Vempala. Logconcave functions: Geometry and efficient sampling algorithms. In Proceedings of the IEEE Symposium on Foundations of Computer Science (FOCS), 2003.
L. Lovasz and S. Vempala. Simulated annealing in convex bodies and an O ∗(n 4) volume algorithm. In Proceedings of the IEEE Symposium on Foundations of Computer Science (FOCS), pages 650–659, 2003.
A. Machanavajjhala and J. Gehrke. On the Efficiency of Checking Perfect Privacy. In Proceedings of the ACM Symposium on Principles of Database Systems (PODS), 2006.
G. Miklau and D. Suciu. A Formal Analysis of Information Disclosure in Data Exchange. Journal of Computer and System Sciences, 2006.
R. Motwani, S. U. Nabar, and D. Thomas. Auditing SQL Queries. In Proceedings of the International Conference on Data Engineering (ICDE), 2008.
S. U. Nabar, B. Marthi, K. Kenthapadi, N. Mishra, and R. Motwani. Towards Robustness in Query Auditing. In Proceedings of the International Conference on Very Large Databases (VLDB), 2006.
S. Reiss. Security in Databases: A Combinatorial Study. J. ACM, 26(1):45–57, 1979.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Nabar, S.U., Kenthapadi, K., Mishra, N., Motwani, R. (2008). A Survey of Query Auditing Techniques for Data Privacy. In: Aggarwal, C.C., Yu, P.S. (eds) Privacy-Preserving Data Mining. Advances in Database Systems, vol 34. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-70992-5_17
Download citation
DOI: https://doi.org/10.1007/978-0-387-70992-5_17
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-70991-8
Online ISBN: 978-0-387-70992-5
eBook Packages: Computer ScienceComputer Science (R0)