DESIGN AND DEVELOPMENT OF KEY REPRESENTATION AUDITING SCHEME FOR SECURE ONLINE AND DYNAMIC STATISTICAL DATABASES

A statistical database (SDB) publishes statistical queries (such as sum, average, count, etc.) on subsets of records. Sometimes by stitching the answers of some statistics, a malicious user (snooper) may be able to deduce confidential information about some individuals. When a user submits a query to statistical database, the difficult problem is how to decide whether the query is answerable or not; to make a decision, past queries must be taken into account, which is called SDB auditing. One of the major drawbacks of the auditing, however, is its excessive CPU time and storage requirements to find and retrieve the relevant records from the SDB. The key representation auditing scheme (KRAS) is proposed to guarantee the security of online and dynamic SDBs. The core idea is to convert the original database into a key representation database (KRDB), also this scheme involves converting each new user query from a string representation into a key representation query (KRQ) and storing it in the Audit Query table (AQ table). Three audit stages are proposed to repel the attacks of the snooper to the confidentiality of the individuals. Also, efficient algorithms for these stages are presented, namely the First Stage Algorithm (FSA), the Second Stage Algorithm (SSA) and the Third Stage Algorithm (TSA). These algorithms enable the key representation auditor (KRA) to conveniently specify the illegal queries which could lead to disclosing the SDB. A comparative study is made between the new scheme and the existing methods, namely a cost estimation and a statistical analysis are performed, and it illustrates the savings in block accesses (CPU time) and storage space that are attainable when a KRDB is used. Finally, an implementation of the new scheme is performed and all the components of the proposed system are discussed

A model of security monitoring

A model of security monitoring is presented that distinguishes between two types of logging and auditing. Implications for the design and use of security monitoring mechanisms are drawn from this model. The usefulness of the model is then demonstrated by analyzing several different monitoring mechanisms

A bayesian approach for on-line max and min auditing

In this paper we consider the on-line max and min query auditing problem: given a private association between fields in a data set, a sequence of max and min queries that have already been posed about the data, their corresponding answers and a new query, deny the answer if a private information is inferred or give the true answer otherwise. We give a probabilistic definition of privacy and demonstrate that max and min queries, without “no duplicates”assumption, can be audited by means of a Bayesian network. Moreover, we show how our auditing approach is able to manage user prior-knowledge

Statistical and fuzzy approach for database security

A new type of database anomaly is described by addressing the concept of Cumulated Anomaly in this paper. Dubiety-Determining Model (DDM), which is a detection model basing on statistical and fuzzy set theories for Cumulated Anomaly, is proposed. DDM can measure the dubiety degree of each database transaction quantitatively. Software system architecture to support the DDM for monitoring database transactions is designed. We also implemented the system and tested it. Our experimental results show that the DDM method is feasible and effective

Database and Data Mining in Social Networking

Today’s data driven world exploiting the latest trends of database and its allied technologies like Data Warehouse and Data Mining. Data Mining in recent years emerged as one of the most efficient database technique proved to be very reliable almost in every organisation enabling to find previously unknown hidden data patterns for the benefit of organisation. At the same time it is imposing serious problems concerned to data privacy and its potential misuse

Managing uncertainty:financial, actuarial and statistical modelling.

present value; Value; Actuarial;