Printer Friendly

COMPUTER SNOOPERS INFER SENSITIVE INFORMATION FROM ANSWERS TO SEEMINGLY INNOCUOUS QUESTIONS

 CHICAGO, May 14 /PRNewswire/ -- Unauthorized individuals or businesses cannot get copies of your medical records. But how about the database at your drug store -- is it protected? It's not difficult to tell what's physically wrong with a person, knowing the medications doctors have prescribed.
 So, too, the magazines to which you subscribe. If they are Child, Lamaze, Parents and American Baby you belong in a different classification from a person subscribing to Women In Business, Working Mother and Single Parent, as an example. Or, how about a military enlistee who regularly receives Gay & Lesbian Times, Out and The Advocate? What can be inferred from this?
 Professors George Thomas Duncan and Sumitra Mukherjee of Carnegie Mellon University are concerned about inferential disclosure of personal information, stored in statistical and multilevel relational databases.
 "Advances in telecommunications and computing technology have made it possible for organizations not only to gather vast amounts of personal information, but also to disseminate such information without the data subjects having any knowledge or control over such activities," said Professor Duncan.
 "Through a series of seemingly innocuous queries, it may be possible to infer sensitive information without authorization or approval."
 Professor Duncan will be presenting the results of this study on Tuesday, May 18, 1993, during the four day Spring Conference of TIMS (The Institute of Management Sciences) and ORSA (the Operations Research Society of America), which starts Sunday (5/16/93) at Chicago's Hilton and Towers. Both professional, non-profit societies use math and science to solve complex problems in business, government and industry. Each has a membership of over 8,000 in the U.S. and throughout the world.
 The Duncan-Mukherjee study evaluates methods for limited access to inferred sensitive information. While some can and do cut down on the amount of inferential information a database snooper can gather, there is absolutely nothing that can assure privacy.
 Some methods already in use prevent the disclosure of confidential or sensitive matter by restricting (or refusing) certain types of queries; another relies on modifying the response to queries while retaining values of aggregate statistics. Third, repeated queries are provided the same modified response every time a query is made (the database user can gain no additional information by repeating queries). Several types of additive noise can be used to effect response modification. The goal is to reduce the precision of inferences a snooper can make.
 Duncan-Mukherjee have concluded that the best possible protection, available now, is a combination of two interference methods, one with a lower degree of precision and one which should be considered superior. Existing methods of disclosure limitation still fall short of what is desirable, according to the Carnegie-Mellon team.
 Lotus and Equifax plan to market a database containing detailed personal records of 80 million American households, (postponed presently), coupled with inferential database manipulation, brings George Orwell's "1984" closer, indeed.
 For further information, write TIMS, 290 Westminster St., Providence, R.I., 02903 or phone 401-274-2525. TIMS is celebrating its 40th anniversary this year.
 -0- 5/14/93
 /CONTACT: Diane C. Fournaris, public relations director of TIMS, at 401-274-2525/


CO: TIMS ST: Rhode Island IN: SU:

DJ -- NEFNS1 -- 8411 05/14/93 07:30 EDT
COPYRIGHT 1993 PR Newswire Association LLC
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1993 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:PR Newswire
Date:May 14, 1993
Words:528
Previous Article:CASINO MAGIC TO RETAIN ARTHUR ANDERSEN & CO. AS INDEPENDENT AUDITORS
Next Article:2.25 MILLION SHARES OF BEST BUY CO., INC. COMMON STOCK PRICED AT $38.50 PER SHARE IN PUBIC OFFERING
Topics:


Related Articles
The complexity of computer security.
DIAL A PRINCIPAL WITH EDUCATION QUESTIONS ON TOLL-FREE HOTLINE
"We don't need no education"--Netsky-Z worm contains website attack.
Why Bashir refused to answer 30 questions.
3M warns UK businesses of the risks of 'screen snoopers'.
IN BRIEF: Snooker: O'Sullivan keeps quiet after loss.
Understanding fair housing law: protection for RE community.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters