Presentation is loading. Please wait.

Presentation is loading. Please wait.

Auditing Batches of SQL Queries Rajeev Motwani Shubha Nabar Dilys Thomas Stanford University.

Published byJohnathan Smith Modified over 8 years ago

Similar presentations

Presentation on theme: "Auditing Batches of SQL Queries Rajeev Motwani Shubha Nabar Dilys Thomas Stanford University."— Presentation transcript:

1 Auditing Batches of SQL Queries Rajeev Motwani Shubha Nabar Dilys Thomas Stanford University

2 Database Query Auditing Auditing Aggregate (Sum, Max, Median) queries Perfect Privacy Auditing SQL Queries Auditing a Batch of SQL Queries

3 Aggregate Queries [C86] Chin: Security problems on inference control for sum, max and min queries. JACM 1986 [CO82] Chin, Ozsoyglu: Auditing and inference control in statistical databases. TSE 1982 [DJL79] Dobkin, Jones, Lipton: Secure Databases: Protection against user influence. TODS 1979 [KMN05] Kenthapadi, Mishra, Nissim: Simulatable auditing. PODS 2005 [KPR00] Kleinberg, Papadimitriou, Raghavan: Auditing Boolean Attributes. PODS 2000 [R79] S. P. Reiss. Security in databases: A combinatorial study. JACM 1979

4 Aggregate Queries How many aggregate queries: sum / max / median queries can you pose to a database of numbers before you find out the value of an element Some amount of work in the 80’s Theoretically interesting and basis of more practical schemes today

5 Perfect Privacy [MS04] Miklau, Suciu: A formal analysis of information disclosure in data exchange. SIGMOD 2004 [MG06] Machanavajhala, Gehrke: On the efficiency of checking perfect privacy. PODS 2006

6 Perfect Privacy[MS04,MG06] Table Patient(Name, Phone number) Want to keep secret: All phone-numbers in the database Query: select name from Patient Perfect Privacy violation! Reveals some information --- the phone database is not empty. Too strong

7 SQL Auditing: Single Table Audit for address, SSN and phone numbers of all patients with diabetes Say Alice has diabetes Then any query that returns the address, SSN and phone number of Alice is suspicious wrt to the audit expression [ABFKRS04] Agrawal, Bayardo, Faloutsos, Kiernan, Rantzau, Srikant: Auditing compliance with a Hippocratic Database VLDB2004

8 Auditing SQL Queries[ABFKRS04] An audit expression is like a SQL Query AUDIT audit list FROM table list WHERE condition list

9 Example SELECT zipcode FROM Patients p WHERE p.disease = ‘diabetes’ AUDIT zipcode FROM Patients p WHERE p.disease = ‘high blood pressure’ AUDIT disease FROM Patients p WHERE p.zipcode = 94305 Suspicious if someone in 94305 has diabetes Not Suspicious wrt this

10 Formally, SQL Auditing Query Q=  C OQ  P Q (T £ R)) Audit expression A=  C OA (  P A ( T £ S)) Where, T =T 1 £ T 2 £ T 2 …. T n R=R 1 £ R 2 £ R 2 …. R n S=S 1 £ S 2 £ S 2 …. S n

11 SQL Auditing: Q suspicious wrt A £ £  T (T)  R (R)  S (S) (1) 9 v 2 T : (a)  R Æ T (R £ {v} )   (b)  S Æ T ({v} £ S )   (2) All audited columns are projected by the query Requires execution of queries on the database v

12 Auditing a Batch of SQL Queries Previous work for (1)Batch of queries like sum, max and median --can answers be stitched together to reveal more than what a single query can reveal? (2)Singleton SQL queries We introduce the notion of auditing a batch of SQL queries

13 SQL Auditing Batch of SQL queries, each of form Project col 1 col 2 col 3 …. col k From R Where C 1 and C 2 and C 3 and … C j Each C i : (col m = value), (col m <= value), (col m >= value), (value 1 <= col m <= value 2 ) col 1, col 2,.. col k includes primary key so that result of query can be joined with other results

14 Semantically Suspicious A query batch Q 1, Q 2,.. Q n is said to be suspicious wrt to an audit expression A if an expression combining the results of these queries as base tables is suspicious wrt A Natural extension of a suspicious query to a query batch

15 Syntactically Suspicious A query batch is said to be syntactically suspicious with respect to an audit expression A if there exists an instantiation of the database tables for which it is suspicious wrt A Does not require execution of the queries against the table

16 SQL Batch Auditing Query 1 Query 2 Query 3 Audited tuple columns are covered Query 4 Audit expression Query batch suspicious wrt audit expression iff queries together cover all audited columns of at least audited tuple syntacticallysemantically on table Ton some table T

17 Syntactic and Semantic Auditing Syntactially suspicious implies semantically suspicious To check semantic suspiciousness check for syntactic suspiciousness first and then execute the queries on tables to verify How to check syntactic suspiciousness covered next

18 Compatible Queries A batch of queries is compatible if the conjunction of their selection conditions is satisfiable. To test compatibility of a set of queries you only need to check pairwise compatibility [Helley’s Theorem]

19 Syntactic Auditing: Graph Problem Query 1 Query 2 Query 3 Query 4=AuditExp { } Suspicious iff there exists an independent set, including audit expression that covers all audited colors

20 Syntactic Auditing Query batch suspicious iff there is a subset of queries compatible with the audit expression and they cover all audited columns. Need not consider hyperedges as due to Helley’s Theorem you only need to check pairwise compatibility Independent set implies the query batch is compatible Has all audited colors implies that all audited columns are covered

21 Syntactic Auditing is NP complete Reduction from 3-SAT X1X1 X1X1 X2X2 X3X3 X4X4 X2X2 X3X3 X4X4 X1X1 X2X2 X4X4 ÇÇ X2X2 X3X3 X4X4 ÇÇ

22 Semantic Auditing If table given an implicit representation then NP complete Explicitly mentioned table, polynomial time algorithm

23 THANK YOU! Questions?

Download ppt "Auditing Batches of SQL Queries Rajeev Motwani Shubha Nabar Dilys Thomas Stanford University."

Similar presentations

Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.

Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.
พีชคณิตแบบสัมพันธ์ (Relational Algebra) บทที่ 3 อ. ดร. ชุรี เตชะวุฒิ CS (204)321 ระบบฐานข้อมูล 1 (Database System I)

พีชคณิตแบบสัมพันธ์ (Relational Algebra) บทที่ 3 อ. ดร. ชุรี เตชะวุฒิ CS (204)321 ระบบฐานข้อมูล 1 (Database System I)
Query Folding Xiaolei Qian Presented by Ram Kumar Vangala.

Query Folding Xiaolei Qian Presented by Ram Kumar Vangala.
Online Auditing Kobbi Nissim Microsoft Based on a position paper with Nina Mishra.

Online Auditing Kobbi Nissim Microsoft Based on a position paper with Nina Mishra.
Kaushik Chakrabarti(Univ Of Illinois) Minos Garofalakis(Bell Labs) Rajeev Rastogi(Bell Labs) Kyuseok Shim(KAIST and AITrc) Presented at 26 th VLDB Conference,

Kaushik Chakrabarti(Univ Of Illinois) Minos Garofalakis(Bell Labs) Rajeev Rastogi(Bell Labs) Kyuseok Shim(KAIST and AITrc) Presented at 26 th VLDB Conference,
A Paper on RANDOM SAMPLING OVER JOINS by SURAJIT CHAUDHARI RAJEEV MOTWANI VIVEK NARASAYYA PRESENTED BY, JEEVAN KUMAR GOGINENI SARANYA GOTTIPATI.

A Paper on RANDOM SAMPLING OVER JOINS by SURAJIT CHAUDHARI RAJEEV MOTWANI VIVEK NARASAYYA PRESENTED BY, JEEVAN KUMAR GOGINENI SARANYA GOTTIPATI.
Wang, Lakshmanan Probabilistic Privacy Analysis of Published Views, IDAR'07 Probabilistic Privacy Analysis of Published Views Hui (Wendy) Wang Laks V.S.

Wang, Lakshmanan Probabilistic Privacy Analysis of Published Views, IDAR'07 Probabilistic Privacy Analysis of Published Views Hui (Wendy) Wang Laks V.S.
COMP 3715 Spring 05. Working with data in a DBMS Any database system must allow user to  Define data Relations Attributes Constraints  Manipulate data.

COMP 3715 Spring 05. Working with data in a DBMS Any database system must allow user to  Define data Relations Attributes Constraints  Manipulate data.
Database Management COP4540, SCS, FIU Functional Dependencies (Chapter 14)

Database Management COP4540, SCS, FIU Functional Dependencies (Chapter 14)
Database Security CS461/ECE422 Spring 2012. Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.

Database Security CS461/ECE422 Spring Overview Database model – Relational Databases Access Control Inference and Statistical Databases Database.
CS4432: Database Systems II Query Operator & Algebraic Expressions 1.

CS4432: Database Systems II Query Operator & Algebraic Expressions 1.
Auditing Compliance with a Hippocratic Database Javier Salinas Martín.

Auditing Compliance with a Hippocratic Database Javier Salinas Martín.
© The McGraw-Hill Companies, Inc., 2005 8 - 1 Chapter 8 The Theory of NP-Completeness.

© The McGraw-Hill Companies, Inc., Chapter 8 The Theory of NP-Completeness.
Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke1 Relational Algebra Chapter 4, Part A Modified by Donghui Zhang.

Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke1 Relational Algebra Chapter 4, Part A Modified by Donghui Zhang.
INFS614, Fall 08 1 Relational Algebra Lecture 4. INFS614, Fall 08 2 Relational Query Languages v Query languages: Allow manipulation and retrieval of.

INFS614, Fall 08 1 Relational Algebra Lecture 4. INFS614, Fall 08 2 Relational Query Languages v Query languages: Allow manipulation and retrieval of.
Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke1 Relational Algebra Chapter 4.

Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke1 Relational Algebra Chapter 4.
Data Warehousing/Mining 1 Data Warehousing/Mining Comp 150 Aggregation in SQL (not in book) Instructor: Dan Hebert.

Data Warehousing/Mining 1 Data Warehousing/Mining Comp 150 Aggregation in SQL (not in book) Instructor: Dan Hebert.
Efficient Query Evaluation on Probabilistic Databases

Efficient Query Evaluation on Probabilistic Databases
Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.

Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.
By relieving the brain of all unnecessary work, a good notation sets it free to concentrate on more advanced problems, and, in effect, increases the mental.

By relieving the brain of all unnecessary work, a good notation sets it free to concentrate on more advanced problems, and, in effect, increases the mental.

Similar presentations

Ads by Google