Auditing Interval-based Inference
Conference Proceeding Article
In this paper we study the feasibility of auditing interval-based inference. Sensitive information about individuals is said to be compromised if an accurate enough interval, called inference interval, is obtained into which the value of the sensitive information must fall. Compared with auditing exact inference that is traditionally studied, auditing interval-based inference is more complicated. Existing auditing methods such as audit expert do not apply to this case. Our result shows that it is intractable to audit interval-based inference for bounded integer values; while for bounded real values, the auditing problem is polynomial yet involves complicated computation of mathematical programming. To further examine the practicability of auditing interval-based inference, we classify various auditing methods into three categories: exact auditing, optimistic auditing, and pessimistic auditing. We analyze the trade-offs that can be achieved by these methods among various auditing objectives: inference security, database usability, and auditing complexity.
Audit, Usability, Feasibility, Mathematical programming, Database
Information Security and Trust
Advanced Information Systems Engineering: 14th International Conference, CAiSE 2002 Toronto, Canada, May 27-31: Proceedings
City or Country
LI, Yingjiu; WANG, Lingyu; WANG, X. Sean; and Jajodia, Sushil.
Auditing Interval-based Inference. (2002). Advanced Information Systems Engineering: 14th International Conference, CAiSE 2002 Toronto, Canada, May 27-31: Proceedings. 2348, 553-568. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1047