Boyce-Codd normal form and object normal forms
Information Processing Letters
IEEE Transactions on Software Engineering
Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
Analyzing FD inference in relational databases
Data & Knowledge Engineering
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Data & Knowledge Engineering
Lying versus refusal for known potential secrets
Data Engineering
Foundations of Databases: The Logical Level
Foundations of Databases: The Logical Level
Lattice-Based Access Control Models
Computer
Controlling FD and MVD Inferences in Multilevel Relational Database Systems
IEEE Transactions on Knowledge and Data Engineering
Foundations of Secure Deductive Databases
IEEE Transactions on Knowledge and Data Engineering
Wizard: A Database Inference Analysis and Detection System
IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Access control in a relational data base management system by query modification
ACM '74 Proceedings of the 1974 annual conference - Volume 1
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
A multi-purpose implementation of mandatory access control in relational database management systems
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
| Hi-index | 0.00 |
We present a control mechanism for preserving confidentiality in relational databases under open queries. This mechanism is based on a reduction of costly inference control to efficient access control that has recently been developed for closed database queries. Our approach guarantees that secrets being declared in form of a confidentiality policy are not disclosed to database users even if they utilize their a priori knowledge to draw inferences. It turns out that there is no straightforward transition from the approach for closed queries to open queries. We show, however, that hiding the confidentiality policy from database users is sufficient to preserve confidentiality. Moreover, we propose an algorithmic implementation of the control mechanism.