Notes

Outline

Trust and Security in Biological Databases: Security When Collaborating.  Gio Wiederhold Depts. of Computer Science, Electr. Eng. and Medicine Stanford University, CA. www-db.stanford.edu/people/gio.html

1 & 3. Protection of Privacy requires checking what goes OUT.

The complexity of biological/medical  information disables fine-grained data access specifications

2. Access control mechanisms keep bad guys from getting IN.

4. Collaborators are allowed in,     but what they take out must be controlled.

Inference protection has the same duality

Release checking can also protect privacy in commercial domains Customers are collaborators;  you want customers IN, not OUT In simple and perfect systems they cannot access private areas, but  System failures - trap doors, etc. abound Release checking provides a backstop and intrusion detection  Updates for customer convenience create unexpected interactions Helpful query modification broadens access  New usages were not foreseen during design partitioning Customer access to inventory for rapid supply-line verification New, unthought of collaborators -- Russians in Kosovo need access to info Techniques --  much content has signatures that are (nearly) unique Check to stop credit card numbers in outgoing data, as from music sites Check to stop email addresses in outgoing reports Don’t rely exclusively on access control when the objective is   to protect release of private information !

Slide 8

Slide 9