sql-guessing-advantage-analyser

Differences

This shows you the differences between two versions of the page.

sql-guessing-advantage-analyser [2019/06/01 15:41]
alisa [Quick guide]
sql-guessing-advantage-analyser [2019/06/05 20:25]
alisa [Quick guide]
Line 19: Line 19:
  
 === Sensitive attributes === === Sensitive attributes ===
-This input defines a set of sensitive components, which the attacker is trying to guess. For each sensitive attribute, the guess can either be ''​exact''​ (discrete attributes),​ or ''​approx r''​ (approximated by r > 0 units). The guesses can be combined into an expression ​ using AND and OR operation, describing the case where leakage is considered successful. The expression can be followed by a single line containing keyword ''​cost''​ and a number that defines the cost of leaking that combination of attributes. By default, the cost is set to 100.+This input starts with the keyword ''​LEAK''​. It defines a set of sensitive components, which the attacker is trying to guess. For each sensitive attribute, the guess can either be ''​exact''​ (discrete attributes),​ or ''​approx r''​ (approximated by r > 0 units). The guesses can be combined into an expression ​ using AND and OR operation, describing the case where leakage is considered successful. The expression can be followed by a sequence of statements of the form ''​FROM table WHERE condition'',​ which describes which rows of the considered tables are treated as sensitive. The statements can in turn be followed by a single line containing keyword ''​cost''​ and a number that defines the cost of leaking that combination of attributes. By default, the cost is set to 100. The delimiter '';''​ finishes the description of the sensitive components. 
 <​code>​ <​code>​
 +LEAK
 ship.latitude approx 5 AND ship.latitude approx 5 AND
 ship.longitude approx 5 ship.longitude approx 5
-cost 100+FROM ship WHERE cargo > 0 
 +cost 100;
 </​code>​ </​code>​
-In this example, the attacker wins iff he guesses //both// attributes ''​latitude''​ and ''​longitude''​ of some row of the table ''​ship''​ within 5-unit precision. The definition of "​unit"​ depends on the data table, e.g. if the location was defined in miles, then a unit is also a mile.+In this example, the attacker wins iff he guesses //both// attributes ''​latitude''​ and ''​longitude''​ of some row of the table ''​ship''​ within 5-unit precision. The definition of "​unit"​ depends on the data table, e.g. if the location was defined in miles, then a unit is also a mile. We only worry about location of ships that carry some cargo.
  
 If we want to express that the attacker wins if he guesses //either// ''​latitude''​ or ''​longitude'',​ we replace AND operation with OR. If we want to express that the attacker wins if he guesses //either// ''​latitude''​ or ''​longitude'',​ we replace AND operation with OR.
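
Review bot: The added sentence introducing "FROM table WHERE condition" does not say what is treated as sensitive when no such statement is given, nor how several statements in the "sequence" combine; state both, since the previous revision's example had no FROM line at all. The explanation under the example also still says the attacker wins on "some row of the table ship", while the added "FROM ship WHERE cargo > 0" narrows that to rows carrying cargo, so the new closing sentence would read better folded into that statement. Finally, the text says the cost line is optional (default 100) and that ";" finishes the description, but not whether ";" is still required when the cost line is omitted; one sentence on that would settle it.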
sql-guessing-advantage-analyser.txt · Last modified: 2021/06/14 11:46 by alisa