| database management system (DBMS), 310 | retrieved data, 330 requested data, 330 | | front end, 310 | allowed data, 330 | | field, 310 | inference, 331 | | element, 310 | direct inference, 332 | | record, 310 | indirect inference, 333 | | attribute, 310 | inference by sum, 334 | | schema, 310 | inference by count, 334 | | subschema, 310 | inference by median, 334 | | relation, 311 | tracker inference, 335 | | query, 312 | linear system inference, 337 | | project, 313 | statistical inference, 337 | | select, 313 | limited response suppression, 338 | | join, 313 | combining results to suppress, 338 | | database integrity, 315 | revealing a random sample, 339 | | element integrity, 315 | random perturbation of data, 339 | | access control, 315 | restricting output by query analysis, 340 | | user authentication, 315 | aggregation, 341 | | auditability , 318 | multilevel databases, 343 | | availability, 319 | granularity of control, 344 | | sensitive data, 319 | multilevel integrity, 345 | | availability of data, 319 | multilevel secrecy , 345 | | access control decision, 319 | polyinstantiation, 345 | | disclosure, 326 | partitioned database, 346 | | exact disclosure, 329 | encryption, 347 | | bounded disclosure, 329 | integrity lock, 348 | | negative disclosure, 329 | sensitivity lock, 349 | | probable value disclosure, 330 | trusted front end, 350 | | disclosure of existence, 330 | commutative filter, 352 | | security, 330 | query modification, 352 | | precision, 330 | window, 354 | | revealed data, 330 | view, 354 | |
