Views for Multilevel Database Security
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
View updates in relational databases with an independent scheme
ACM Transactions on Database Systems (TODS)
IEEE Transactions on Software Engineering
Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
Logical foundations of multilevel databases
Data & Knowledge Engineering
Update semantics of relational views
ACM Transactions on Database Systems (TODS)
On the correct translation of update operations on relational views
ACM Transactions on Database Systems (TODS)
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
Data & Knowledge Engineering
Lying versus refusal for known potential secrets
Data Engineering
Foundations of Secure Deductive Databases
IEEE Transactions on Knowledge and Data Engineering
Polyinstantation for Cover Stories
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
An Order-Based Theory of Updates for Closed Database Views
Annals of Mathematics and Artificial Intelligence
Relational lenses: a language for updatable views
Proceedings of the twenty-fifth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Keeping secrets in incomplete databases
International Journal of Information Security
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Towards controlled query evaluation for incomplete first-order databases
FoIKS'10 Proceedings of the 6th international conference on Foundations of Information and Knowledge Systems
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Hi-index | 0.00 |
We extend Controlled Query Evaluation (CQE), an inference control method to enforce confidentiality in static information systems under queries, to updatable databases. Within the framework of the lying approach to CQE, we study user update requests that have to be translated into a new database state. In order to avoid dangerous inferences, some such updates have to be denied even though the new database instance would be compatible with a set of integrity constraints. In contrast, some other updates leading to an incompatible instance should not be denied. We design a control method to resolve this seemingly paradoxical situation and then prove that the general security definitions of CQE and other properties linked to user updates hold.