Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
On the validity of the Bell-LaPadula model
Computers and Security
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
For unknown secrecies refusal is better than lying
Data & Knowledge Engineering
Data & Knowledge Engineering
Lying versus refusal for known potential secrets
Data Engineering
Secure multi-party computation problems and their applications: a review and open problems
Proceedings of the 2001 workshop on New security paradigms
Foundations of Secure Deductive Databases
IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Access control in a relational data base management system by query modification
ACM '74 Proceedings of the 1974 annual conference - Volume 1
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Computer Security 2e
Communications of the ACM - Privacy and security in highly dynamic systems
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
A formal analysis of information disclosure in data exchange
Journal of Computer and System Sciences
Journal of Computer and System Sciences
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Keeping secrets in incomplete databases
International Journal of Information Security
Preprocessing for controlled query evaluation with availability policy
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
ACM Transactions on Information and System Security (TISSEC)
Security in Computing Systems: Challenges, Approaches and Solutions
Security in Computing Systems: Challenges, Approaches and Solutions
Data Privacy for $\mathcal{ALC}$ Knowledge Bases
LFCS '09 Proceedings of the 2009 International Symposium on Logical Foundations of Computer Science
Controlled Query Evaluation and Inference-Free View Updates
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Combining Consistency and Confidentiality Requirements in First-Order Databases
ISC '09 Proceedings of the 12th International Conference on Information Security
Confidentiality policies for controlled query evaluation
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Inference control in logic databases as a constraint satisfaction problem
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Authorization views and conditional query containment
ICDT'05 Proceedings of the 10th international conference on Database Theory
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
Using SAT-Solvers to compute inference-proof database instances
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Towards controlled query evaluation for incomplete first-order databases
FoIKS'10 Proceedings of the 6th international conference on Foundations of Information and Knowledge Systems
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
Theoretical Computer Science
History-dependent inference control of queries by dynamic policy adaption
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
On the inference-proofness of database fragmentation satisfying confidentiality constraints
ISC'11 Proceedings of the 14th international conference on Information security
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Inference-Proof view update transactions with minimal refusals
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Revising belief without revealing secrets
FoIKS'12 Proceedings of the 7th international conference on Foundations of Information and Knowledge Systems
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Hi-index | 0.00 |
We survey the motivation, the main insight and the perspective of our approach to policy-driven inference control of server-client interactions for a logic-oriented information system. Basically, our approach aims to confine the usability of the data transmitted by the server to a client. The confinement is achieved by enforcing an invariant that, at any point in time, a client’s view on the actual information system is kept inference-proof: the information content of the data available to the client does not violate any protection requirement expressed by a declarative confidentiality policy. In this context, the information content of data and, accordingly, the inference-proofness of such data crucially depend on the client’s a priori knowledge, general reasoning capabilities and awareness of the control mechanism. We identify various parameters of the approach, outline control mechanisms to enforce the goals, and sketch the methods employed for a formal verification.