Three Audit Stages for Securing Statistical Databases

摘要

A statistical databases (SDBs) are used mainly for statistical queries (such as sum, average, count, etc) on various populations. Users are permitted to retrieve statistical information, but information about specific individual should not be disclosed. The key representation auditing scheme is proposed to protect online and dynamic SDBs from being disclosed. The core idea is to convert the original database D into key representation database D, and each new user query q should be converted from string representation into key representation query q and stored in the Audit Query table (AQ table). We propose three audit stages to repel the attacks of the snooper to the confidentiality of the individuals. These stages enable the key representation auditor (KRA) to conveniently specify the illegal queries which could lead to disclosing the SDB. The proposed scheme that will be applied guarantees the security of SDBs and provides precise and accurate responses, besides it needs less CPU time and storage space during query processing.