Inference Problem Privacy Preserving Data Mining.

Slides:



Advertisements
Similar presentations
Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.
Advertisements

Statistical database security Special purpose: used only for statistical computations. General purpose: used with normal queries (and updates) as well.
Database Security - Farkas 1 Database Security and Privacy.
Computer Science and Engineering 1 What these organizations have in common? American Education Services, PA United States Marine Corps / Penn State University.
UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.
Information Security Principles & Applications
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
Monday, 08 June 2015Dr. Mohamed Osman1 What is Database Administration A high level function (technical Function) that is responsible for ► physical DB.
Dr. Leszek Lilien Department of Computer Science
Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.
Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.
Last time Finish OTR Database Security Introduction to Databases
Access 2007 ® Use Databases How can Access help you to find and use information?
Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.
Computer Science and Engineering 1 XML, RDF, Workflow Security.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
CSCE 548 Secure Software Development Web Application Security.
Database Security DBMS Features Statistical Database Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 5 “Database and Cloud Security”.
Polyinstantiation Problem
CSCE 548 Secure Software Development Weak Password-Based Systems Store and Protect Data Securely Information Leakage Failure to Handle Errors Correctly.
Information Security Databases and (Inter)Networks Prof. dr. P.M.E. De Bra Department of Computing Science Eindhoven University of Technology.
Introduction to: 1.  Goal[DEN83]:  Provide frequency, average, other statistics of persons  Challenge:  Preserving privacy[DEN83]  Interaction between.
Computer Security: Principles and Practice
Querying Structured Text in an XML Database By Xuemei Luo.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Computer Science and Engineering 1 Information Assurance Research Department of Computer Science and Engineering University of South Carolina, Columbia.
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 5 – Database Security.
Next-generation databases Active databases: when a particular event occurs and given conditions are satisfied then some actions are executed. An active.
CSCE 824 Secure and Distributed Database Management Systems FarkasCSCE 8241.
Open Sources -- Intelligence The GoodThe Bad The Ugly Challenges.
Chapter No 4 Query optimization and Data Integrity & Security.
Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security.
6.1 © 2010 by Prentice Hall 6 Chapter Foundations of Business Intelligence: Databases and Information Management.
Chapter 9 Database Systems. © 2005 Pearson Addison-Wesley. All rights reserved 9-2 Chapter 9: Database Systems 9.1 Database Fundamentals 9.2 The Relational.
Database Security.
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 21 November 2, 2004.
INTRODUCTION lecture1 1. Data base concept Data is a meaningless static value. What does 3421 means? Information is the data you process in a manner that.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem - I September.
CSCE 548 Secure Software Development Information Leakage + Failing to Handle Errors.
Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1.
Csilla Farkas Department of Computer Science and Engineering University of South Carolina
CSCE 824 Secure (and Distributed) Database Management Systems FarkasCSCE
Introduction Database Security Overview. Readings This lecture: This lecture: –Textbook: Chapter 5.2 –Lecture materials from CSCE 522, Nov. 3, Lecture.
Trustworthy Semantic Web Dr. Bhavani Thuraisingham The University of Texas at Dallas Inference Problem March 4, 2011.
Inference Problem. Access Control Policies Direct access Information flow Not addressed: indirect data access CSCE Farkas 2 Lecture 19.
Inference Problem Privacy Preserving Data Mining.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #25 Dependable Data Management.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #8 Inference Problem - I.
1 CS 430 Database Theory Winter 2005 Lecture 7: Designing a Database Logical Level.
Writing Secure Programs. Program Security CSCE Farkas/Eastman - Fall Program Flaws Taxonomy of flaws: how (genesis) when (time) where (location)
Big Data Analytics Are we at risk? Dr. Csilla Farkas Director Center for Information Assurance Engineering (CIAE) Department of Computer Science and Engineering.
Database Security Database System Implementation CSE 507 Some slides adapted from Navathe et. Al.
Database and Cloud Security
Database System Implementation CSE 507
Web Data and Application Security
Security.
Building Trustworthy Semantic Webs
Inference and Flow Control
Building Trustworthy Semantic Webs
Data Warehousing Data Mining Privacy
Data Provenance.
Data and Applications Security Developments and Directions
Trustworthy Semantic Web
Andrei G. Stoica and Csilla Farkas
XML, distributed data, replicated data, and Security
XML and Security Csilla Farkas
Presentation transcript:

Inference Problem Privacy Preserving Data Mining

CSCE Farkas 2 Lecture 19 Readings and Assignments  I. Moskowitz, M. H. Kang: Covert Channels – Here to Stay? d.nrl.navy.milzSzITDzSz5540zSzpublicationszSzCHACSzSz1994 zSz1994moskowitz-compass.pdf/moskowitz94covert.pdf d.nrl.navy.milzSzITDzSz5540zSzpublicationszSzCHACSzSz1994 zSz1994moskowitz-compass.pdf/moskowitz94covert.pdf  Jajodia, Meadows: Inference Problems in Multilevel Secure Database Management Systems essay 24

CSCE Farkas 3 Lecture 19 Indirect Information Flow Channels Covert channels Inference channels

CSCE Farkas 4 Lecture 19 Communication Channels Overt Channel: designed into a system and documented in the user's manual Covert Channel: not documented. Covert channels may be deliberately inserted into a system, but most such channels are accidents of the system design.

CSCE Farkas 5 Lecture 19 Covert Channel Timing Channel: based on system times Storage channels: not time related communication Can be turned into each other

CSCE Farkas 6 Lecture 19 Inference Channels + Meta-data Sensitive Information Non-sensitive information =

CSCE Farkas 7 Lecture 19 Inference Channels Statistical Database Inferences General Purpose Database Inferences

CSCE Farkas 8 Lecture 19 Statistical Databases Goal: provide aggregate information about groups of individuals  E.g., average grade point of students Security risk: specific information about a particular individual  E.g., grade point of student John Smith Meta-data:  Working knowledge about the attributes  Supplementary knowledge (not stored in database)

CSCE Farkas 9 Lecture 19 Types of Statistics Macro-statistics: collections of related statistics presented in 2- dimensional tables Micro-statistics: Individual data records used for statistics after identifying information is removed Sex\Year Sum Female415 Male Sum SexCourseGPAYear FCSCE M CSCE FCSCE

CSCE Farkas 10 Lecture 19 Statistical Compromise Exact compromise: find exact value of an attribute of an individual (e.g., John Smith’s GPA is 3.8) Partial compromise: find an estimate of an attribute value corresponding to an individual (e.g., John Smith’s GPA is between 3.5 and 4.0)

CSCE Farkas 11 Lecture 19 Methods of Attacks and Protection Small/Large Query Set Attack  C: characteristic formula that identifies groups of individuals If C identifies a single individual I, e.g., count(C) = 1  Find out existence of property If count(C and D)=1 means I has property D If count(C and D)=0 means I does not have D OR  Find value of property Sum(C, D), gives value of D

CSCE Farkas 12 Lecture 19 Small/Large Query Set Attack cont. Protection from small/large query set attack: query-set-size control A query q(C) is permitted only if N-n  |C|  n, where n  0 is a parameter of the database and N is all the records in the database

CSCE Farkas 13 Lecture 19 Tracker attack TrackerC C1 C2 C=C1 and C2 T=C1 and ~C2 q(C)=q(C1) – q(T) q(C) is disallowed

CSCE Farkas 14 Lecture 19 Tracker attack Tracker C C1 C2 C=C1 and C2 T=C1 and ~C2 D C and D q(C and D)= q(T or C and D) – q(T) q(C and D) is disallowed

CSCE Farkas 15 Lecture 19 Query overlap attack C1 C2 John Kathy Max Fred Eve Paul Mitch Q(John)=q(C1)-q(C2) Protection: query-overlap control

CSCE Farkas 16 Lecture 19 Insertion/Deletion Attack Observing changes overtime  q 1 =q(C)  insert(i)  q 2 =q(C)  q(i)=q 2 -q 1 Protection: insertion/deletion performed as pairs

CSCE Farkas 17 Lecture 19 Statistical Inference Theory Give unlimited number of statistics and correct statistical answers, all statistical databases can be compromised (Ullman)

CSCE Farkas 18 Lecture 19 Inferences in General-Purpose Databases Queries based on sensitive data Inference via database constraints Inferences via updates

CSCE Farkas 19 Lecture 19 Queries based on sensitive data Sensitive information is used in selection condition but not returned to the user. Example: Salary: secret, Name: public  Name  Salary=$25,000 Protection: apply query of database views at different security levels

CSCE Farkas 20 Lecture 19 Database Constraints Integrity constraints Database dependencies Key integrity

CSCE Farkas 21 Lecture 19 Integrity Constraints C=A+B A=public, C=public, and B=secret B can be calculated from A and C, i.e., secret information can be calculated from public data

CSCE Farkas 22 Lecture 19 Database Dependencies Metadata: Functional dependencies Multi-valued dependencies Join dependencies etc.

CSCE Farkas 23 Lecture 19 Functional Dependency FD: A  B, that is for any two tuples in the relation, if they have the same value for A, they must have the same value for B. Example: FD: Rank  Salary Secret information: Name and Salary together  Query1: Name and Rank  Query2: Rank and Salary  Combine answers for query1 and 2 to reveal Name and Salary together

CSCE Farkas 24 Lecture 19 Key integrity Every tuple in the relation have a unique key Users at different levels, see different versions of the database Users might attempt to update data that is not visible for them

CSCE Farkas 25 Lecture 19 Example Name (key)SalaryAddress Black P38,000 PColumbia S Red S42,000 SIrmo S Secret View Name (key)SalaryAddress Black P38,000 PNull P Public View

CSCE Farkas 26 Lecture 19 Updates Public User: Name (key)SalaryAddress Black P38,000 PNull P 1.Update Black’s address to Orlando 2.Add new tuple: (Red, 22,000, Manassas) If Refuse update: covert channel Allow update: Overwrite high data – may be incorrect Create new tuple – which data it correct (polyinstantiation) – violate key constraints

CSCE Farkas 27 Lecture 19 Updates Name (key)SalaryAddress Black P38,000 PColumbia S Red S42,000 SIrmo S Secret user: 1.Update Black’s salary to 45,000 If Refuse update: denial of service Allow update: Overwrite low data – covert channel Create new tuple – which data it correct (polyinstantiation) – violate key constraints

CSCE Farkas 28 Lecture 19 Inference Problem No general technique is available to solve the problem Need assurance of protection Hard to incorporate outside knowledge

29 Web Evolution Past: Human usage Static Web pages (HTML, XML) Present: Human & Automated usage Semantic Web, WS, SOA Future: Mobile Computing

30 Web Data Security Access Control Models XML Heterogeneous Data: XML, Stream, Text Limitations:  Syntax-based  No association protection  Limited handling of updates  No data or application semantics  No inference control

31 Secure XML Views - Example UC S John Smith UC S Jim Dale UC TS S Harry Green UC S Joe White UC MT78 TS medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green milTag MT78 patient phone phone View over UC data

32 John Smith Jim Dale Harry Green Joe White medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data Secure XML Views - Example

33 medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data John Smith Jim Dale Harry Green Joe White Secure XML Views - Example

34 UC S John Smith UC Jim Dale UC TS S Harry Green UC Joe White UC medicalFiles countyRec patient name John Smith milBaseRec physician Jim Dale physician Joe White name Harry Green patient View over UC data Secure XML Views - Example

35 medicalFiles name John Smith physician Jim Dale physician Joe White name Harry Green View over UC data John Smith Jim Dale Harry Green Joe White Secure XML Views - Example

36 The Inference Problem General Purpose Database: Non-confidential data + Metadata  Undesired Inferences Semantic Web: Non-confidential data + Metadata (data and application semantics) + Computational Power + Connectivity  Undesired Inferences

37 Correlated Inference address fort Public district basin Public Object[]. waterSource :: Object basin :: waterSource place :: Object district :: place address :: place base :: Object fort :: base place base Water Source Water source Base Place Water source Base Confidential

Organizational Data Confidentia l Attacker Public Access Control Misinfo X Ontology Data Integration and Inferences Web Data X Inference Control

Organizational Data Confidentia l Public Misinfo ACCESS and INFERENCE CONTROL POLICY Logic-based inference detection Exact and partial disclosure Data and metadata protection Heterogeneous data manipulation Metadata discovery Inference Control

Data Mining and Privacy Statistical inference:  K-anonymity  Correlation General inference:  Pattern  metadata  Biased learning CSCE Farkas 40 Lecture 19

Future 41

CSCE Farkas 42 Lecture 19 Next Class Midterm exam

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.