Database Security: Database Inference
A subtle vulnerability found within database technologies is inference 推理, or the ability to derive 获取 unknown information based on retrieved information.
Developing technological solutions to detecting database inference is complex.
Much of the work done in this area involves revoking access to specific database objects based on a user’s past querying history (Staddon, 2003).
The problem with inference detection, especially when done at query processing time, is that it results in a significant delay between the time the query is executed and the results are presented.
As with other approaches to mitigating database security vulnerabilities, trade-offs must be made.
The protection of highly sensitive data requires an examination of what situations could lead to exposure to unauthorized users and what monitoring policies should be implemented to insure appropriate responses are enacted.