The Design of Access Control by using Data Dependency To Reduce the Inference of Sensitive Data

From the back-end data system point of view, the primary personal information protection mechanism is to block the direct accessing of sensitive data. The possibility that sensitive data may be indirectly inferenced by public information, have not been addressed. In United States, there are cases and discussions about "Mosaic theory". And responsibilities of data holders were legally stated. But no known researches were invested to create a responsible mechanism. This research explores the functional dependencies, and compute risky column sets based on them. We can then process users' queries and initiate protection operation if risky data are involved.