Protecting databases from inference attacks

被引：26

作者：

Hinke, TH ^{[1
]}

Delugach, HS ^{[1
]}

Wolf, RP ^{[1
]}

机构：

[1] Univ Alabama, Dept Comp Sci, Huntsville, AL 35899 USA

来源：

COMPUTERS & SECURITY | 1997年 / 16卷 / 08期

关键词：

Computer security; Database inference; Database security; Inference detection analysis; Inference detection tools;

D O I：

10.1016/S0167-4048(97)87607-9

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper presents a model of database inference and a taxonomy of inference detection approaches. The Merlin inference detection system is presented as an example of an automated inference analysis tool that can assess inference vulnerabilities using the schema of a relational database. A manual inference penetration approach is then offered as a means of detecting inferences that involve instances of data or characteristics of groups of instances. These two approaches are offered as practical approaches that can be applied today to address the database inference problem. The final section discusses future directions in database inference research.

引用

页码：687 / 708

页数：22