Privacy Protection of Binary Confidential Data Against Deterministic, Stochastic, and Insider Threat
提出一种模型和方法,对包含二进制机密字段的数据库的COUNT查询提供确定性正确的区间响应,同时提供确定性和随机性保护,并防御内部威胁。模拟实验表明,大多数查询的区间很紧,且响应质量随查询识别主体数增加而提高,适用于大型数据库。
A practical model and an associated method are developed for providing consistent, deterministically correct responses to ad-hoc queries to a database containing a field of binary confidential data. COUNT queries, i.e., the number of selected subjects whose confidential datum is positive, are to be answered. Exact answers may allow users to determine an individual's confidential information. Instead, the proposed technique gives responses in the form of a number plus a guarantee so that the user can determine an interval that is sure to contain the exact answer. At the same time, the method is also able to provide both deterministic and stochastic protection of the confidential data to the subjects of the database. Insider threat is defined precisely and a simple option for defense against it is given. Computational results on a simulated database are very encouraging in that most queries are answered with tight intervals, and that the quality of the responses improves with the number of subjects identified by the query. Thus the results are very appropriate for the very large databases prevalent in business and governmental organizations. The technique is very efficient in terms of both time and storage requirements, and is readily scalable and implementable.