Welcome to the InfoSci Platform
Reference Hub2
Probabilistic Inference Channel Detection and Restriction Applied to Patients’ Privacy Assurance

Probabilistic Inference Channel Detection and Restriction Applied to Patients’ Privacy Assurance

Bandar Alhaqbani, Colin Fidge
Copyright: © 2010 |Volume: 4 |Issue: 4 |Pages: 25
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781613503010|DOI: 10.4018/jisp.2010100103
Cite Article Cite Article

MLA

Alhaqbani, Bandar, and Colin Fidge. "Probabilistic Inference Channel Detection and Restriction Applied to Patients’ Privacy Assurance." IJISP vol.4, no.4 2010: pp.35-59. http://doi.org/10.4018/jisp.2010100103

APA

Alhaqbani, B. & Fidge, C. (2010). Probabilistic Inference Channel Detection and Restriction Applied to Patients’ Privacy Assurance. International Journal of Information Security and Privacy (IJISP), 4(4), 35-59. http://doi.org/10.4018/jisp.2010100103

Chicago

Alhaqbani, Bandar, and Colin Fidge. "Probabilistic Inference Channel Detection and Restriction Applied to Patients’ Privacy Assurance," International Journal of Information Security and Privacy (IJISP) 4, no.4: 35-59. http://doi.org/10.4018/jisp.2010100103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Traditional access control models protect sensitive data from unauthorised direct accesses; however, they fail to prevent indirect inferences. Information disclosure via inference channels occurs when secret information is derived from unclassified (non-secure) information and other sources like metadata and public observations. Previously, techniques using precise and fuzzy functional dependencies were proposed to detect inference channels. However, such methods are inappropriate when probabilistic relationships exist among data items that may be used to infer information with a predictable likelihood of accuracy. In this paper, the authors present definitions and algorithms for detecting inference channels in a probabilistic knowledge base and maximising an attacker’s uncertainty by restricting selected inference channels to comply with data confidentiality and privacy requirements. As an illustration, a healthcare scenario is used to show how inference control can be performed on probabilistic relations to address patients’ privacy concerns over Electronic Medical Records. To limit an attacker’s ability to know secret data selected inference channels are restricted by using a Bayesian network that incorporates the information stored within a medical knowledge base to decide which facts must be hidden to limit undesired inferences.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.