The Community for Technology Leaders
2008 Third International Conference on Availability, Reliability and Security (2008)
Mar. 4, 2008 to Mar. 7, 2008
ISBN: 978-0-7695-3102-1
pp: 771-778
ABSTRACT
Whenever secret information has been shared among multiple partners and has been illegally leaked to a third party, it is important for the trust among the partners to identify the information leak. We present a forensic approach to privacy violation control that after information has been leaked identifies those partners that had access to the leaked information. Our approach represents secret information as a boolean formula and compares it with the queries and the relational database state to which the queries were applied. We use this technique to identify suspicious queries, i.e., queries that have got sufficient information to infer secret information that has been leaked. Furthermore, we prove that checking where a select-project query is suspicious with respect to a given secret information is NP-complete, but a polynomial time solution exists for interesting subclasses.
INDEX TERMS
Privacy, relational Database, Auditing Compliance
CITATION

R. Hartel, S. B?ttcher and M. Kirschner, "Detecting Suspicious Relational Database Queries," 2008 Third International Conference on Availability, Reliability and Security(ARES), vol. 00, no. , pp. 771-778, 2008.
doi:10.1109/ARES.2008.125
94 ms
(Ver 3.3 (11022016))