The level of security provided by three random data perturbation (RDP) methods is evaluated. Such methods are applied in statistical databases in order to protect against disclosure of confidential numerical fields. These methods involve the addition of random noise to confidential numerical attributes. Although they ensure that the precise value of the confidential field will not be disclosed, they are exposed to partial disclosure; that is, the amount of information that a snooper is able to obtain exceeds the amount intended to be provided. To estimate the security provided by RDP methods, the authors investigate two situations: the case of the professional snooper and that of the casual snooper. These approaches differ by the measure of the level of security; each of them is based on distinct statistical models. The paper addresses database administrators, guiding them to the selection of a more effective RDP method.
The first section represents an introduction to the facts presented above. Section 2 introduces the three methods to be analyzed. These are the “independent noise” (IN) method, by which the noise is applied independently on each attribute; the “correlated noise” method (CN) proposed by Kim [1] and Trendick [2]; and a modification of the latter, called “bias corrected correlated noise” (BCCN), due to the same authors.
Section 3 evaluates the effectiveness of the three methods. The results indicate that the performances of the IN method are lower in the case of the professional snooper, while the BCCN method provides a worse security level than the other two methods against casual snoopers. (The result was not observed in former studies.) The concluding section remarks interestingly on other aspects of the three methods. This is an interesting study. The results rely on sound mathematical tools.