Trust and Security in Biological Databases: Security When Collaborating. Gio Wiederhold, Stanford University, CA.

2/18/2004

Gio AAAS 04

Release checking can also protect privacy in commercial domains

Customers are collaborators; you want customers IN, not OUT

In simple and perfect systems they cannot access private areas, but

ê System failures - trap doors, etc. abound

oRelease checking provides a backstop and intrusion detection

ê Updates for customer convenience create unexpected interactions

oHelpful query modification broadens access

ê New usages were not foreseen during design partitioning

oCustomer access to inventory for rapid supply-line verification

oNew, unthought of collaborators -- Russians in Kosovo need access to info

Techniques -- much content has signatures that are (nearly) unique

oCheck to stop credit card numbers in outgoing data, as from music sites

oCheck to stop email addresses in outgoing reports

•Don’t rely exclusively on access control when the objective is to protect release of private information !

Release filter