Identifying inference attacks against healthcare data repositories
نویسندگان
چکیده
Health care data repositories play an important role in driving progress in medical research. Finding new pathways to discovery requires having adequate data and relevant analysis. However, it is critical to ensure the privacy and security of the stored data. In this paper, we identify a dangerous inference attack against naive suppression based approaches that are used to protect sensitive information. We base our attack on the querying system provided by the Healthcare Cost and Utilization Project, though it applies in general to any medical database providing a query capability. We also discuss potential solutions to this problem.
منابع مشابه
Maximizing Sharing of Protected Information
Despite advances in recent years in the area of mandatory access control in database systems, today’s information repositories remain vulnerable to inference and data association attacks that can result in serious information leakage. Without support for coping against these attacks, sensitive information can be put at risk because of release of other (less sensitive) related information. The a...
متن کاملRisks, Limitations and the Need for Additional Measures Against Ransomware in the Health Information Technology Infrastructure
Introduction: Even before the Covid 19 pandemic, one of the lucrative targets for attackers behind ransomware attacks was Encroaching on the continuity of services in the field of health information technology. In this study, for the first time, while introducing, relying on statistics and modeling, it is shown that the prevention and counteraction of these attacks in the IT infrastructure of t...
متن کاملToward Security Verification against Inference Attacks on Data Trees
This paper describes our ongoing work on security verification against inference attacks on data trees. We focus on infinite secrecy against inference attacks, which means that attackers cannot narrow down the candidates for the value of the sensitive information to finite by available information to the attackers. Our purpose is to propose a model under which infinite secrecy is decidable. To ...
متن کاملInference attacks against trust-based onion routing: Trust degree to the rescue
Trust-based onion routing enhances anonymity protection by means of constructing onion circuits using trust-based routers. However, attackers who have the knowledge of a priori trust distributions are still capable of largely reducing the anonymity protected by trustbased circuits. The root cause is that these attackers have a high probability to guess the users who initiate trust-based circuit...
متن کاملCollective Data-Sanitization for Preventing Sensitive Information Inference Attacks in Social Networks
Releasing social network data could seriously breach user privacy. User profile and friendship relations are inherently private. Unfortunately, it is possible to predict sensitive information carried in released data latently by utilizing data mining techniques. Therefore, sanitizing network data prior to release is necessary. In this paper, we explore how to launch an inference attack exploiti...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
دوره 2013 شماره
صفحات -
تاریخ انتشار 2013