Databases Reference
In-Depth Information
S(1)* = S(1) + e(1)
where
or an independent and prob-
ably constant component, as in the age example previously stated. For
example, if
e1
could be a function (e.g., 75%) of
S1
S1
is $982,000, the figure can be disguised as follows:
S(1)* = 982,000 - 75% (982,000) = $245,500
To reconstruct the true figure, in the knowledge that 245,500 is 25% of
S1
,
S1*
can be divided by 25 and multiplied by 100 as follows:
S(1) = S(1)*
×
100/25 = 245,500
×
100/25 = 982,000
The important point to remember is that it must be preestablished
whether a constant value or a function of the value is used. Therefore, the
previous example would read as follows:
S(1)* = S(1) = f(S(1)) = S(1) - aS(1) = S(1)(1 - a)
where
a
happens to be .75. To reconstruct
S1, S1*
is divided by
1-a
.
Like noise addition, data dispersal, or scattering, is used to protect indi-
vidual data objects in a distributed database environment. An Information
Dispersal Algorithm has been proposed that disperses a data object (e.g.,
an employee record) into various storage areas (e.g., the address, salary,
and employee identification number would be stored in different data-
bases). The data object, represented by
o
, would be divided into
n
pieces.
The series of subvalues would be represented as
oi
, where
i
is greater than
or equal to
(i.e., the number of pieces). The number of
pieces must suffice for reconstructing the data object
l
but is less than
n
. Each one of these
pieces, or a reasonable combination of them, is stored in a different node
in the distributed system. This technique makes it virtually impossible for
a would-be intruder to access all the pieces to reconstruct the original data
object for several reasons. First, the intruder might not be aware of the
existence of all the nodes. Second, even if the nodes are known, accessing
all of them might be too difficult or time-consuming. Finally, even if all
nodes are accessed and the data objects are collected, a considerable
amount of effort might be needed to combine them into a whole that makes
reasonable sense.
o
The value of this technique is even greater when placed in a real-world
context. For example, assuming that a record includes
data elements (i.e.,
fields), these data elements could be distributed over the
n
m
nodes of the
distributed database. If
elements could be distrib-
uted again over the nodes so that each node has one or more elements but
less than
n
>
m
, the remaining
n-m
. Therefore, by accessing only one node, an intruder will not be
able to access the full record, assuming that only a complete record can be
useful. All the records of a sensitive file can be distributed in this fashion.
n
Search WWH ::
Custom Search