Abstract—While mobile computing has seen tremendous growth and popularity, it has also introduced vulnerabilities in information systems. When a mobile personal computing device is stolen or misplaced, a great amount of data obtained from database servers can be compromised; hence, it is useful to limit the amount of sensitive data on mobile clients. In a number of applications, it is necessary to limit the amount of answers in response to a user query in order to enhance the security of a database; for example, an army base can answer queries asking for the phone numbers of its residents and yet, it should not reveal the whole book. Since databases are large and dynamic in content and structure, and the results of queries are unpredictable, it is not feasible to manually specify exactly which tuple should be suppressed for which user. In this paper, our approach is based on declarative specifications: the Database Administrator specifies the secrecies, i.e., the queries whose answers need to be limited, and the user privileges, i.e., the number of tuples that can be revealed when a user query intersects with a secrecy. The output of every query that intersects with one of the secrecies will be limited in the number of tuples revealed.
Index Terms—Mobile database, query filtering, security.
The authors are with the New Mexico Institute of Mining and Technology, Socorro, NM 87801 USA (e-mail: dchen@ cs.nmt.edu, email@example.com).
Cite: Dongyi Chen and Subhasish Mazumdar, "Limiting Answers to Queries to Enhance Security of Mobile Database," International Journal of Computer Theory and Engineering vol. 4, no. 6, pp. 983-986, 2012.