Usability confinement of server reactions: maintaining inference-proof client views by controlled interaction execution

Authors:
Joachim Biskup
Affiliations:
Technische Universität Dortmund, Dortmund, Germany
Venue:
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Year:
2010

Citing 39
Cited 7

Formal query languages for secure relational databases

ACM Transactions on Database Systems (TODS)
On the validity of the Bell-LaPadula model

Computers and Security
The specification and enforcement of authorization constraints in workflow management systems

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Answering queries without revealing secrets

ACM Transactions on Database Systems (TODS)
For unknown secrecies refusal is better than lying

Data & Knowledge Engineering
Cover story management

Data & Knowledge Engineering
Lying versus refusal for known potential secrets

Data Engineering
Secure multi-party computation problems and their applications: a review and open problems

Proceedings of the 2001 workshop on New security paradigms
Foundations of Secure Deductive Databases

IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures

IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey

ACM SIGKDD Explorations Newsletter
Access control in a relational data base management system by query modification

ACM '74 Proceedings of the 1974 annual conference - Volume 1
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal

Annals of Mathematics and Artificial Intelligence
Foundations of Cryptography: Volume 2, Basic Applications

Foundations of Cryptography: Volume 2, Basic Applications
Computer Security 2e

Computer Security 2e
Distributed usage control

Communications of the ACM - Privacy and security in highly dynamic systems
L-diversity: Privacy beyond k-anonymity

ACM Transactions on Knowledge Discovery from Data (TKDD)
A formal analysis of information disclosure in data exchange

Journal of Computer and System Sciences
An equational logic based approach to the security problem against inference attacks on object-oriented databases

Journal of Computer and System Sciences
Controlled query evaluation with open queries for a decidable relational submodel

Annals of Mathematics and Artificial Intelligence
Provisions and obligations in policy management and security applications

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Reducing inference control to access control for normalized database schemas

Information Processing Letters
Mechanisms for usage control

Proceedings of the 2008 ACM symposium on Information, computer and communications security
Epistemic privacy

Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Keeping secrets in incomplete databases

International Journal of Information Security
Preprocessing for controlled query evaluation with availability policy

Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Secrecy in Multiagent Systems

ACM Transactions on Information and System Security (TISSEC)
Security in Computing Systems: Challenges, Approaches and Solutions

Security in Computing Systems: Challenges, Approaches and Solutions
Data Privacy for $\mathcal{ALC}$ Knowledge Bases

LFCS '09 Proceedings of the 2009 International Symposium on Logical Foundations of Computer Science
Controlled Query Evaluation and Inference-Free View Updates

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Combining Consistency and Confidentiality Requirements in First-Order Databases

ISC '09 Proceedings of the 12th International Conference on Information Security
Confidentiality policies for controlled query evaluation

Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Inference control in logic databases as a constraint satisfaction problem

ICISS'07 Proceedings of the 3rd international conference on Information systems security
Requirements and protocols for inference-proof interactions in information systems

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Authorization views and conditional query containment

ICDT'05 Proceedings of the 10th international conference on Database Theory
Policies, models, and languages for access control

DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Using SAT-Solvers to compute inference-proof database instances

DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Towards controlled query evaluation for incomplete first-order databases

FoIKS'10 Proceedings of the 6th international conference on Foundations of Information and Knowledge Systems
Enforcing confidentiality in relational databases by reducing inference control to access control

ISC'07 Proceedings of the 10th international conference on Information Security

A sound and complete model-generation procedure for consistent and confidentiality-preserving databases

Theoretical Computer Science
History-dependent inference control of queries by dynamic policy adaption

DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
On the inference-proofness of database fragmentation satisfying confidentiality constraints

ISC'11 Proceedings of the 14th international conference on Information security
Inference-usability confinement by maintaining inference-proof views of an information system

International Journal of Computational Science and Engineering
Inference-Proof view update transactions with minimal refusals

DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Revising belief without revealing secrets

FoIKS'12 Proceedings of the 7th international conference on Foundations of Information and Knowledge Systems
Dynamic policy adaptation for inference control of queries to a propositional information system

Journal of Computer Security - DBSec 2011

Quantified Score

Hi-index	0.00

Visualization

Abstract

We survey the motivation, the main insight and the perspective of our approach to policy-driven inference control of server-client interactions for a logic-oriented information system. Basically, our approach aims to confine the usability of the data transmitted by the server to a client. The confinement is achieved by enforcing an invariant that, at any point in time, a client’s view on the actual information system is kept inference-proof: the information content of the data available to the client does not violate any protection requirement expressed by a declarative confidentiality policy. In this context, the information content of data and, accordingly, the inference-proofness of such data crucially depend on the client’s a priori knowledge, general reasoning capabilities and awareness of the control mechanism. We identify various parameters of the approach, outline control mechanisms to enforce the goals, and sketch the methods employed for a formal verification.