Interval Protection of Confidential Information in a Database

We deal with the question of how to maintain security of confidential information in a database while answering as many queries as possible. The database is assumed to operate in a query restriction (as opposed to perturbation) mode in which exact answers are given to those queries which, together with those already answered, will not compromise any confidential datum. Those which fail this criterion are not answered. We introduce the concept of interval disclosure where a datum is compromised if the answered queries provide enough information to establish that it is contained in a given interval even if the datum cannot be determined exactly. Models are presented for the problem of deciding whether to answer a query and three techniques, one based on linear programming, are developed and tested.