protection of database security via collaborative inference detection


Access control mechanisms are commonly used to provide control over who may access

sensitive information. However, malicious users can exploit the correlation among the data and infer

sensitive information from a series of seemingly innocuous data access. In this paper, we proposed a

detection system that utilizes both the user’s current query and past query log to determine if the current

query answer can infer sensitive information. A semantic inference model (SIM) is constructed based

on the data dependency, database schema and semantic relationship among data. After the SIM is

instantiated via specific instances, it can then be mapped to a Bayesian network and used for evaluating

the inference probability. The decision of answering the current query is based on if any of the sensitive

attributes can be inferred with a probability higher than their pre-specified thresholds. This detection

system is being extended to the cases of multiple collaborative users based on the query history of all

the users and their collaborative levels for specific sensitive information.

Tags :
Your rating: None Average: 3.6 (5 votes)

Posted by

Mon, 20/06/2011 - 10:59