Security-control methods for statistical databases : a comparative study

N.R. Adam, J.C. Wortmann

Research output: Contribution to journalArticleAcademicpeer-review

613 Citations (Scopus)
3 Downloads (Pure)


This paper considers the problem of providing security to statistical databases against disclosure of confidential information. Security-control methods suggested in the literature are classified into four general approaches: conceptual, query restriction, data perturbation, and output perturbation. Criteria for evaluating the performance of the various security-control methods are identified. Security-control methods that are based on each of the four approaches are discussed, together with their performance with respect to the identified evaluation criteria. A detailed comparative analysis of the most promising methods for protecting dynamic-online statistical databases is also presented. To date no single security-control method prevents both exact and partial disclosures. There are, however, a few perturbation-based methods that prevent exact disclosure and enable the database administrator to exercise "statistical disclosure control." Some of these methods, however introduce bias into query responses or suffer from the 0/1 query-set-size problem (i.e., partial disclosure is possible in case of null query set or a query set of size 1). We recommend directing future research efforts toward developing new methods that prevent exact disclosure and provide statistical-disclosure control, while at the same time do not suffer from the bias problem and the 0/1 query-set-size problem. Furthermore, efforts directed toward developing a bias-correction mechanism and solving the general problem of small query-set-size would help salvage a few of the current perturbation-based methods.
Original languageEnglish
Pages (from-to)515-556
Number of pages42
JournalACM Computing Surveys
Issue number4
Publication statusPublished - 1989


Dive into the research topics of 'Security-control methods for statistical databases : a comparative study'. Together they form a unique fingerprint.

Cite this