Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
On the validity of the Bell-LaPadula model
Computers and Security
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
For unknown secrecies refusal is better than lying
Data & Knowledge Engineering
Data & Knowledge Engineering
Lying versus refusal for known potential secrets
Data Engineering
Secure multi-party computation problems and their applications: a review and open problems
Proceedings of the 2001 workshop on New security paradigms
Foundations of Secure Deductive Databases
IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Access control in a relational data base management system by query modification
ACM '74 Proceedings of the 1974 annual conference - Volume 1
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Computer Security 2e
Communications of the ACM - Privacy and security in highly dynamic systems
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
A formal analysis of information disclosure in data exchange
Journal of Computer and System Sciences
Journal of Computer and System Sciences
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Keeping secrets in incomplete databases
International Journal of Information Security
Preprocessing for controlled query evaluation with availability policy
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
ACM Transactions on Information and System Security (TISSEC)
Security in Computing Systems: Challenges, Approaches and Solutions
Security in Computing Systems: Challenges, Approaches and Solutions
Data Privacy for $\mathcal{ALC}$ Knowledge Bases
LFCS '09 Proceedings of the 2009 International Symposium on Logical Foundations of Computer Science
Controlled Query Evaluation and Inference-Free View Updates
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Combining Consistency and Confidentiality Requirements in First-Order Databases
ISC '09 Proceedings of the 12th International Conference on Information Security
Confidentiality policies for controlled query evaluation
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Inference control in logic databases as a constraint satisfaction problem
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Efficient inference control for open relational queries
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Theoretical Computer Science
Inference-proof view update transactions with forwarded refreshments
Journal of Computer Security - DBSEC 2008
History-dependent inference control of queries by dynamic policy adaption
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
On the inference-proofness of database fragmentation satisfying confidentiality constraints
ISC'11 Proceedings of the 14th international conference on Information security
Authorization views and conditional query containment
ICDT'05 Proceedings of the 10th international conference on Database Theory
Policies, models, and languages for access control
DNIS'05 Proceedings of the 4th international conference on Databases in Networked Information Systems
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Using SAT-Solvers to compute inference-proof database instances
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Towards controlled query evaluation for incomplete first-order databases
FoIKS'10 Proceedings of the 6th international conference on Foundations of Information and Knowledge Systems
Inference-Proof view update transactions with minimal refusals
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
| Hi-index | 0.00 |
Extending traditional access control and complementing emerging usage control, inference-usability confinement aims at customising sensitive data to be returned to a client in such a way that the manipulated items are still useful for the recipient but do not enable any usage beyond the intended ones. In the context of a logic-oriented information system, a confinement mechanism generates an inference-proof view of the actually stored instance(s) while interacting with a client. We survey our specific approach to policy-driven inference-usability confinement for a server-client architecture, discussing various parameters and the resulting confinement mechanisms. Basically, the confinement is achieved by enforcing an invariant of the following kind: at any point in time, the information content of the data available to a client does not violate any protection requirement expressed by a declarative confidentiality policy. In this context, the information content of data and, accordingly, the inference-proofness of such data crucially depend on the client's a priori knowledge, general reasoning capabilities and awareness of the confinement mechanism.