Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Statistical Protection

By Steve Jones,

The things people can do with data is amazing. I remember reading about the anonymous data set released by Netflix and how some of the people were identified based on other, related actions on the Internet. This de-anonymization, while scary, was amazing to me. There have been other, related reports of similar "attacks" taken against other data sets. These reports worry me that we will have more and more data security issues in the future, not less.

I ran across an article that talked about protecting data in statistical databases. These are the databases that contain data from multiple sources, and are used to analyze the information from these sources. The security of these databases becomes important when the data contains information about individuals that we consider sensitive. Interestingly enough, it seems that the security protections being used are query restrictions.

However these restrictions are the reverse of what we might expect. There might be minimum restrictions on the number of rows returned, to try and prevent information about a specific individual from being returned. There are also limitations on the types of queries that can be run, usually requiring aggregate functions in the query, and restricting which aggregates are allowed.

This is definitely an area of our industry that needs more work and research. Lots of organizations, especially government organizations are being called on to open their databases up to the public, and many of them are doing so right now, allowing queries of their statistical databases. This might improve the use of this information by the public, but there are plenty of ways in which this data could be potentially misused. If your companies wants to open some of your data to clients or customers, you might raise the concerns with possible abuses of the database and ask that time and effort be included to try and secure the data, possibly by implementing query restrictions.

Steve Jones


The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 98 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Podcast Announcements

Podcast Feeds

BLOG

Technical Podcasts I Listen To

There are a few podcasts I tend to listen to as I have time. Since I work with a wide...

BLOG

Powerscripting Podcast 2

I was interviewed by Jon (@JonWaltz) and Hal (@Halr9000) in episode 106 of the PowerScripting Podcas...

FORUM

Podcast Problem

Podcast Problem Blocked by group policy

BLOG

Podcasting

A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...

Tags
editorial    
security    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones