| ¡¡ | Chinese Journal of Computers Full Text |
| Title | Leakage Identification and Quantitative Evaluation Scheme for Confidential Databases |
| Authors | XIAN He-Qun |
| Address | (State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190) (National Engineering Research Center of Information Security, Beijing 100190) |
| Year | 2009 |
| Issue | No.4(721¡ª729) |
| Abstract & Background | Abstract The problem of leakage identification for confidential database is a small-scaled pirate identification problem. After analyzing current solutions and their drawbacks£¬the author proposes a leakage identification and quantitative evaluation scheme for confidential databases£¬which is based on a compound database watermark technique. The principle of the novel database watermark technique and the watermark generation and detection algorithms are presented in the paper. By embedding a compound watermark in the data and applying a data watermarking and distribution protocol£¬the confidential database is bound to the identities of its owner and the user£¬so the interests of both parties can be fairly protected in the leakage identification process. Probabilistic analyses are adopted to provide a quantitative evaluation of the identification result. Experiments on the algorithms show that the proposed scheme is efficient and effective£¬and it is highly qualified for real world applications. Keywords database watermark; leakage identification; compound watermark; quantitative evaluation; database security Background This paper presents a novel watermark based scheme to solve the problem of leakage identification for confidential databases, which is also a small-scaled pirate identification problem. When a security breach occurs to a group sharing confidential relational data, the proposed scheme can be used to identify the leakage source and provide non-repudiation evidence. Current solutions for database copyright protection and pirate identification cannot be directly applied to the leakage identification problem, because in most of those schemes, the data owner controls the key and the whole watermark generation process. So the other users are prone to false accusations. In this paper, a compound watermark technique and a data distribution protocol are presented, which provide fair protection for both the owner and the users in the process of leakage identification. Quantitative evaluation methods are introduced to provide probabilistic analyses of the identification results. The work in this paper is supported by the National High-Tech Research and Development Plan of China under grant Nos.2007AA120404, 2007AA120405. The projects are expected to solve challenging problems and to provide key techniques in building a highly trusted geographical and spatial database system. This paper focuses on the research of leakage identification and quantitative evaluation for databases containing confidential information. Several other papers on related works in the projects have been published on international journals or in proceedings of international conferences. |