Published by Ashlyn Harris. Modified over 9 years ago.
1
Self-Enforcing Private Inference Control
Yanjiang Yang (I2R, Singapore)
Yingjiu Li (SMU, Singapore)
Jian Weng (Jinan Univ., China)
Jianying Zhou (I2R, Singapore)
Feng Bao (I2R, Singapore)
2
RFID Security Seminar 2008
Content
– Introduction
– Self-Enforcing Private Inference Control – Concept
– Proposed Scheme
– Conclusion
3
Introduction
The inference problem has been a long-standing issue in database security
– Sensitive information beyond one's privileges can be inferred from the non-sensitive data to which one is granted access.
– Access control cannot solve the inference problem
– The set of queries whose responses lead to inference is said to form an inference channel
4
Introduction – Cont.
Inference Control
– to prevent the formation of inference channels
– Auditing is a special kind of inference control technique that audits queries in order to ensure that a user's current query, together with his past queries, cannot form any inference channel
5
Introduction – Cont.
Inference Control
– What forms an inference channel depends closely on the data to be protected and the protection objective
– Our concern in this work is the inference channels that result in identifying the subjects contained in the database
– An example is a database of medical records for individuals
  – explicit identifying information
  – Non-identifying attributes such as age, ZIP code, DoB are not personally identifiable
6
Introduction – Cont.
Inference Control
– An example is a database of medical records for individuals
  – explicit identifying information
  – individual attributes such as age, ZIP code, DoB are not personally identifiable
  – each of them alone usually does not contain sufficient information to uniquely identify any individual, and thus should not be classified as sensitive.
  – However, a combination of some or all of these non-sensitive attributes may be uniquely identifiable, thus forming an inference channel.
7
Introduction – Cont.
Inference Control
– Inference control in this context works by blocking users who access the database from obtaining responses of the queries that cover all the attributes necessary to complete an inference channel.
8
Introduction – Cont.
Query Privacy
– Users who access the database also have privacy concerns
  – Exposing what data a user is accessing to the database server may lead to the compromise of user privacy
– It is desirable that inference control is enforced by the server in a way that query privacy is also preserved
– The two objectives are conflicting to some extent
9
Introduction – Cont.
Private Inference Control
– Woodruff and Staddon (Private Inference Control. In: Proc. ACM CCS 04) were the first to propose private inference control to attain both objectives
– Unfortunately, practical deployment of private inference control may encounter an enormous obstacle
  – the database server knows nothing about user queries, so users can easily exploit this by issuing useless queries
10
Introduction – Cont.
Private Inference Control
– Unfortunately, practical deployment of private inference control may encounter an enormous obstacle
  – the database server knows nothing about user queries, so users can easily exploit this by issuing useless queries
  – It is a well-known fact that inference control (even without privacy protection) is extremely computation intensive
  – DoS attacks of this kind are expected to be particularly effective in private inference control.
11
Self-Enforcing Private Inference Control – Concept
Self-Enforcing Private Inference Control
– The intuition is to force users not to make queries that form inference channels; otherwise, a penalty is incurred by the querying users
– Users are obliged to enforce costly inference control by themselves before making queries (hence "Self-Enforcing")
12
Self-Enforcing Private Inference Control – Concept
Self-Enforcing Private Inference Control
– In our proposed scheme, the penalty is instantiated as a deprivation of the access privileges of the violating users.
  – If a user makes an inference-enabling query, then the user's access right is forfeited and he is barred from making any further queries
13
Proposed Scheme
We incorporate access control into inference control, and base access control on one-time access keys – a user is able to get the access key for the next query only if his current query is inference-free
– We extend Woodruff and Staddon's scheme
14
Proposed Scheme – Cont.
The inference control rule is that, for any record, the user cannot get all its attributes
– Suppose the database has n records and each record has m attributes
15
Proposed Scheme – Cont.
User's $l$-th query $Q_l$ =
– The server selects a random $K_{l+1}$ and generates $l-1$ shares $s_1, s_2, \ldots, s_{l-1}$, forming an $(l-m+1)$-out-of-$(l-1)$ sharing of $K_{l+1}$ using a secret sharing scheme
– The server computes $e_1 = \mathrm{Hom\_Enc}((i_1 - i_l)s_1)$, $e_2 = \mathrm{Hom\_Enc}((i_2 - i_l)s_2)$, …, $e_{l-1} = \mathrm{Hom\_Enc}((i_{l-1} - i_l)s_{l-1})$ using the user's previous queries.
– The user decrypts $e_1, e_2, \ldots, e_{l-1}$; if the user's query sequence thus far does not complete an inference channel, the user can recover at least $l-m+1$ shares, thus reconstructing $K_{l+1}$.
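The key-release step on this slide, simulated as an added example (not code from the presentation or from Woodruff and Staddon's scheme): a previous query on the same record as the current one turns its share into an encryption of zero, so completing a record's m-th attribute leaves the user one share short. Assumptions: Shamir sharing over a prime field stands in for the unnamed secret sharing scheme, Hom_Enc is replaced by the plaintext the user would decrypt, each query targets one record index with no repeated queries, and the handling of the first m-1 queries is a guess.

```python
import secrets

P = 2**61 - 1  # prime modulus (constructed; must exceed the record count n)

def make_shares(secret, t, count):
    """Shamir t-out-of-count sharing: share k is f(k), f random of degree t-1, f(0)=secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [sum(c * pow(x, e, P) for e, c in enumerate(coeffs)) % P
            for x in range(1, count + 1)]

def reconstruct(points):
    """Lagrange interpolation at x = 0 over (x, y) points."""
    total = 0
    for xj, yj in points:
        num = den = 1
        for xk, _ in points:
            if xk != xj:
                num = num * (-xk) % P
                den = den * (xj - xk) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total

def next_key_round(prev_records, cur_record, m):
    """One round. Returns (K_{l+1} chosen by server, key recovered by user or None)."""
    l = len(prev_records) + 1
    key = secrets.randbelow(P)
    t = l - m + 1                      # threshold from the slide
    if t < 1:
        # Assumption (not on the slide): with fewer than m queries no
        # channel can be complete, so the key is released directly.
        return key, key
    shares = make_shares(key, t, l - 1)
    # Server side: plaintexts of e_k = Hom_Enc((i_k - i_l) * s_k)
    plain = [(i_k - cur_record) * s % P for i_k, s in zip(prev_records, shares)]
    # User side: divide out (i_k - i_l) where it is non-zero; a zero
    # difference (same record) yields plaintext 0 and the share is lost.
    points = [(k, v * pow((i_k - cur_record) % P, -1, P) % P)
              for k, (i_k, v) in enumerate(zip(prev_records, plain), start=1)
              if i_k != cur_record]
    if len(points) < t:
        return key, None               # inference channel completed: no next key
    return key, reconstruct(points[:t])
```
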
16
Proposed Scheme – Cont.
The remaining steps are largely Woodruff and Staddon's scheme, with $K_{l+1}$ being the random number in theirs.
We Discussed Various Issues to Improve the Above Basic Scheme
– Penalty Lifting
– Allow for Repeat Queries
– Stricter Query Privacy
17
Conclusion
– DoS Attacks Are Particularly Effective in Private Inference Control Systems
– We Were Motivated to Propose Self-Enforcing Private Inference Control
– The Intuition is to Force Users to be Cautious in Making Queries, as Penalty Will be Inflicted Upon Users Who Make Inference-Enabling Queries.
– We Presented A Concrete Scheme
18
Q & A
THANK YOU!