On the inference-proofness of database fragmentation satisfying confidentiality constraints

Authors:
Joachim Biskup;Marcel Preuß;Lena Wiese
Affiliations:
Technische Universität Dortmund, Dortmund, Germany;Technische Universität Dortmund, Dortmund, Germany;National Institute of Informatics, Tokyo, Japan
Venue:
ISC'11 Proceedings of the 14th international conference on Information security
Year:
2011

Citing 13
Cited 4

Horn clauses and database dependencies

Journal of the ACM (JACM)
Foundations of Databases: The Logical Level

Foundations of Databases: The Logical Level
The inference problem: a survey

ACM SIGKDD Explorations Newsletter
Providing Database as a Service

ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Controlled query evaluation with open queries for a decidable relational submodel

Annals of Mathematics and Artificial Intelligence
Reducing inference control to access control for normalized database schemas

Information Processing Letters
Security in Computing Systems: Challenges, Approaches and Solutions

Security in Computing Systems: Challenges, Approaches and Solutions
Enforcing Confidentiality Constraints on Sensitive Databases with Lightweight Trusted Clients

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Data protection in outsourcing scenarios: issues and directions

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Combining fragmentation and encryption to protect privacy in data storage

ACM Transactions on Information and System Security (TISSEC)
Keep a few: outsourcing data while maintaining confidentiality

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Horizontal fragmentation for data outsourcing with formula-based confidentiality constraints

IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Usability confinement of server reactions: maintaining inference-proof client views by controlled interaction execution

DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems

Inference-usability confinement by maintaining inference-proof views of an information system

International Journal of Computational Science and Engineering
Confidentiality-Preserving query execution of fragmented outsourced data

ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Database fragmentation with encryption: under which semantic constraints and a priori knowledge can two keep a secret?

DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
An OBDD approach to enforce confidentiality and visibility constraints in data publishing

Journal of Computer Security - DBSec 2011

Quantified Score

Hi-index	0.00

Visualization

Abstract

Confidentiality of information should be preserved despite the emergence of data outsourcing. An existing approach is supposed to achieve confidentiality by vertical fragmentation and without relying on encryption. Although prohibiting unauthorised (direct) accesses to confidential information, this approach has so far ignored the fact that attackers might infer sensitive information logically by deduction. In this article vertical fragmentation is modelled within the framework of Controlled Query Evaluation (CQE) allowing for inference-proof answering of queries. Within this modelling the inference-proofness of fragmentation is proved formally, even if an attacker has some a priori knowledge in terms of a rather general class of semantic database constraints.