Semantic Security

1
Semantic Security

• Monica Da Silva
• MGS 3040
• Section 03

2
Definition

• Semantic security concerns the unintended release
  of a combination of reports or documents that are
  independently not protected.

3
Security Problems

• We have cheaper, faster computers
• Have more data, more systems for reporting and
  querying that data
• Easier, faster, and broader communication

4
Physical Security Problems

• Files and passwords can be stolen
• If a password is required to get into a system,
  there is usually too much access to private data
• It is easy for someone to change access
  permissions.

5
Understanding

• Physical Security and Semantic Security is NOT
  the same thing.
• Physical Security is getting hackedthere is an
  intention of finding this information.
• Semantic Security is released unintentionallysome
  one just realizes the information is out there.

6
Example of Semantic Security

• Weekly reports are printed on TOTAL payroll
  amounts.
• Someone new gets hired.
• If you compare an old weekly report and a weekly
  report after the new person starts working, you
  can figure out the salary of the newly hired
  person.
• No one intended for someone to find out how much
  this new person is getting paid.

7
Solving the Problem

• The more reports a company prints, the more
  semantic security problems occur
• Try to keep printing to a minimum
• Too much information is being released when too
  many people have access the system
• Only the REQUIRED people should have access to
  the network and access should be limited.

8
Conclusion

• Semantic Security is almost impossible to
  perfect, but people need to try their best to be
  careful and only use private records when
  necessary.
• More information needs to be kept confidential!