• DocumentCode
    2357433
  • Title

    Auditing a Batch of SQL Queries

  • Author

    Motwani, Rajeev ; Nabar, Shubha U. ; Thomas, Dilys

  • Author_Institution
    Stanford Univ., Stanford
  • fYear
    2007
  • fDate
    17-20 April 2007
  • Firstpage
    186
  • Lastpage
    191
  • Abstract
    In this paper, we study the problem of auditing a batch of SQL queries: given a set of SQL queries that have been posed over a database, determine whether some subset of these queries have revealed private information about an individual or group of individuals. In (Agrawal et al., 2004), the authors studied the problem of determining whether any single SQL query in isolation revealed information forbidden by the database system´s data disclosure policies. In this paper, we extend this work to the problem of auditing a batch of SQL queries. We define two different notions of auditing-semantic auditing and syntactic auditing -and show that while syntactic auditing seems more desirable, it is in fact NP-hard to achieve. The problem of semantic auditing of a batch of SQL queries is, however, tractable and we give a polynomial time algorithm for this purpose.
  • Keywords
    SQL; computational complexity; optimisation; polynomials; query processing; semantic networks; NP-hard problem; SQL queries; database system data disclosure policies; polynomial time algorithm; private information; semantic auditing; syntactic auditing; Aggregates; Blood pressure; Computer science; Data privacy; Database systems; Diabetes; Diseases; Hospitals; Image databases; Polynomials;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Data Engineering Workshop, 2007 IEEE 23rd International Conference on
  • Conference_Location
    Istanbul
  • Print_ISBN
    978-1-4244-0832-0
  • Electronic_ISBN
    978-1-4244-0832-0
  • Type

    conf

  • DOI
    10.1109/ICDEW.2007.4400990
  • Filename
    4400990
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2357433