Skip to main content
SpringerLink
Log in

Reactive and Proactive Methods for Database Protection against Logical Inference Attacks

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

If data is not available to the outside world, it is useless. It must be available so that it can be processed and planned. Regulating and monitoring user access to a database is an important task for the database security community. Protecting a database against logical inference attacks is part of information security to prevent the disclosure of sensitive data through available information (tables and individual records). It is necessary to have methods capable of maintaining a balance between the use of information and the protection of data. The purpose of this work is to compare different inference control methods in order to evaluate the results of methods to minimize both the loss of information and the risk of information disclosure.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.

REFERENCES

  1. Poltavtseva, M.A., Evolution of data management systems and their security, 2019 Int. Conf. on Engineering Technologies and Computer Science (EnT), Moscow, 2019, IEEE, 2019, pp. 25–29. https://doi.org/10.1109/EnT.2019.00010

  2. Aleksandrova, E.B., Zegzhda, D.P., and Konoplev, A.S., Applying the group signature for entity authentication in distributed grid computing networks, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 739–742. https://doi.org/10.3103/S0146411616080265

    Article  Google Scholar 

  3. Aleksandrova, E.B. and Shkorkina, E.N., Using undeniable signature on elliptic curves to verify servers in outsourced computations, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1160–1163. https://doi.org/10.3103/S0146411618080023

    Article  Google Scholar 

  4. Aleksandrova, E.B., Post-quantum primitives in information security, Nonlinear Phenom. Complex Syst., 2019, vol. 22, no. 3, pp. 269–276.

    MATH  Google Scholar 

  5. Aleksandrova, E.B., Poltavtseva, M.A., and Shmatov, V.S., Ensuring the big data integrity through verifiable zero-knowledge operations, Mobile Internet Security. MobiSec 2021, You, I., Kim, H., Youn, TY., Palmieri, F., and Kotenko, I., Eds., Communications in Computer and Information Science, vol. 1544, Singapore: Springer, 2022, pp. 211–221.  https://doi.org/10.1007/978-981-16-9576-6_15

  6. Poltavtseva, M.A., Zegzhda, D.P., and Kalinin, M.O., Big data management system security threat model, A-utom. Control Comput. Sci., 2019, vol. 53, no. 8, pp. 903–913. https://doi.org/10.3103/S0146411619080261

    Article  Google Scholar 

  7. Poltavtseva, M.A. and Kalinin, M.O., Conceptual data modeling using aggregates to ensure large-scale distributed data management systems security, Intelligent Distributed Computing XIII. IDC 2019, Kotenko, I., Badica, C., Desnitsky, V., El Baz, D., and Ivanovic, M., Eds., Studies in Computational Intelligence, vol. 868, Cham: Springer, 2020, pp. 41–47. https://doi.org/10.1007/978-3-030-32258-8_5

  8. Poltavtseva, M.A., Evolution of data management systems and their security, 2019 Int. Conf. on Engineering Technologies and Computer Science (EnT), Moscow, 2019, IEEE, 2019, pp. 25–29. https://doi.org/10.1109/EnT.2019.00010

  9. Poltavtseva, M. and Tick, A., Automatic control approach to the cyber-physical systems security monitoring, Algorithms and Solutions Based on Computer Technology, Jahn, C., Ungvari, L., and Ilin, I., Eds., Lecture Notes in Networks and Systems, vol. 387, Cham: Springer, 2022, pp. 17–30. https://doi.org/10.1007/978-3-030-93872-7_2

  10. Zegzhda, D.P., Moskvin, D.A., and Myasnikov, A.V., Assurance of cyber resistance of the distributed data storage systems using the blockchain technology, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1111–1116. https://doi.org/10.3103/S0146411618080400

    Article  Google Scholar 

  11. Usov, E.S., Nikol’skii, A.V., Pavlenko, E.Yu., and Zegzhda, D.P., Architecture of the protected cloud data storage using Intel SGX technology, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1144–1149. https://doi.org/10.3103/S0146411618080394

    Article  Google Scholar 

  12. Domingo-Ferrer, J. and Torra, V., Disclosure control methods and information loss for microdata, Confidentiality, Disclosure and Data Access: Theory and Practical Applications for Statistical Agencies, 2001, pp. 91–110.

  13. Domingo-Ferrer, J., Microaggregation for protecting individual data privacy, Proceso de Toma de Decisiones, Modelado y Agregacion de Preferencias TIC-2002-11492-E, 2005, pp. 171–178.

  14. Adam, N.R. and Worthmann, J.C., Security-control methods for statistical databases: A comparative study, ACM Comput. Surv., 1989, vol. 21, no. 4, pp. 515–556. https://doi.org/10.1145/76894.76895

    Article  Google Scholar 

  15. Denning, D.E. and Schlörer, J., Inference control for statistical databases, Computer, 1983, vol. 16, no. 7, pp. 69–82. https://doi.org/10.1109/MC.1983.1654444

    Article  Google Scholar 

  16. Domingo-Ferrer, J. and Mateo-Sanz, J.M., On the security of cell suppression in contingency tables with quantitative factors, Proc. 3rd Int. Seminar on Statistical Confidentiality, 1996, pp. 208–217.

  17. Domingo-Ferrer, J., Oganian, A., and Torra, V., Information-theoretic disclosure risk measures in statistical disclosure control of tabular data, Proc. 14th Int. Conf. on Scientific and Statistical Database Management, Edinburgh, 2002, IEEE, 2002, pp. 227–231.  https://doi.org/10.1109/SSDM.2002.1029724

  18. Garvey, T.D., The inference problem for computer security, Proc. The Computer Security Foundations Workshop V, Franconia, N.H., 1992, IEEE, 1992, pp. 78–81.  https://doi.org/10.1109/CSFW.1992.236786

  19. Chakravarthi, R., Shafer, G., and Raman, S., Inference detection using clustering, PhD Thesis, 2001.

  20. Hinke, T.H., Delugach, H.S., and Wolf, R.P., Protecting databases from inference attacks, Comput. Secur., 1997, vol. 16, no. 8, pp. 687–708. https://doi.org/10.1016/S0167-4048(97)87607-9

    Article  Google Scholar 

  21. Hoffman, L.J. and Miller, W.F., Getting a personal dossier from a statistical data bank, Datamation, 1970, vol. 16, no. 5, pp. 74–75.

    Google Scholar 

  22. Schlörer, J., Confidentiality and security in statistical data banks, Proc. Workshop on Data Documentation, Reisensburg Castle, Germany, 1975, Munich: Verlag Documentation, 1977, pp. 101–123.

  23. Su, T.-A. and Ozsoyoglu, G., Controlling FD and MVD inferences in multilevel relational database systems, IEEE Trans. Knowl. Data Eng., 1991, vol. 3, no. 4, pp. 474–485.https://doi.org/10.1109/69.109108

Download references

Author information

Authors and Affiliations

  1. Tver State Technical University, 170026, Tver, Russia

    A. A. Poltavtsev

Authors
  1. A. A. Poltavtsev
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to A. A. Poltavtsev.

Ethics declarations

The author declares that he has no conflicts of interest.

Additional information

Translated by I. Obrezanova

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Poltavtsev, A.A. Reactive and Proactive Methods for Database Protection against Logical Inference Attacks. Aut. Control Comp. Sci. 56, 888–897 (2022). https://doi.org/10.3103/S014641162208017X

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S014641162208017X

Keywords:

Search

Navigation