Formal query languages for secure relational databases

Authors:
Marianne Winslett;Kenneth Smith;Xiaolei Qian
Affiliations:
University of Illinois;Mitre Corporation;SRI International
Venue:
ACM Transactions on Database Systems (TODS)
Year:
1994

Citing 24
Cited 31

Incomplete Information in Relational Databases

Journal of the ACM (JACM)
Database system concepts

Database system concepts
Principles of database and knowledge-base systems, Vol. I

Principles of database and knowledge-base systems, Vol. I
The POSTGRES Rule Manager

IEEE Transactions on Software Engineering
Indefinite and maybe information in relational databases

ACM Transactions on Database Systems (TODS)
Deriving production rules for constraint maintenance

Proceedings of the sixteenth international conference on Very large databases
Set-oriented production rules in relational database systems

SIGMOD '90 Proceedings of the 1990 ACM SIGMOD international conference on Management of data
The modeling and representation of security semantics for database applications

The modeling and representation of security semantics for database applications
A model of authorization for next-generation database systems

ACM Transactions on Database Systems (TODS)
Toward a multilevel secure relational data model

SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
A logic for reasoning about security

ACM Transactions on Computer Systems (TOCS)
Multilevel secure rules: integrating the multilevel secure and active data models

Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Inference and cover stories

Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Inference through secondary path analysis

Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Tuple-level vs. element-level classification

Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
A model-theoretic semantics of the multilevel relational model

EDBT '94 Proceedings of the 4th international conference on extending database technology: Advances in database technology
Answering queries without revealing secrets

ACM Transactions on Database Systems (TODS)
A lattice model of secure information flow

Communications of the ACM
Declarative Foundations of Secure Deductive Databases

ICDT '92 Proceedings of the 4th International Conference on Database Theory
Entity Modeling in the MLS Relational Model

VLDB '92 Proceedings of the 18th International Conference on Very Large Data Bases
A Modal Logic Framework to Solve Aggregation Problems

Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Polyinstantation for Cover Stories

ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
A Multilevel Transaction Problem for Multilevel Secure Database Systems and Its Solution for the Replicated Architecture

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Inference Channel-Free Integrity Constraints in Multilevel Relational Databases

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy

Joining relations in the belief-consistent multilevel secure relational model

ACM-SE 36 Proceedings of the 36th annual Southeast regional conference
Minimal data upgrading to prevent inference and association attacks

PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Belief reasoning in MLS deductive databases

SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
A Semantic Framework of the Multilevel Secure Relational Model

IEEE Transactions on Knowledge and Data Engineering
Recovery from Malicious Transactions

IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
ODAR: an on-the-fly damage assessment and repair system for commercial database applications

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A compressed accessibility map for XML

ACM Transactions on Database Systems (TODS)
Integration and Efficient Lookup of Compressed XML Accessibility Maps

IEEE Transactions on Knowledge and Data Engineering
On logical foundations of multilevel secure databases

Journal of Intelligent Information Systems - Special issue: Database and applications security
Real-time data attack isolation for commercial database applications

Journal of Network and Computer Applications
Controlled query evaluation with open queries for a decidable relational submodel

Annals of Mathematics and Artificial Intelligence
Compressed accessibility map: efficient access control for XML

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A real-time intrusion prevention system for commercial enterprise databases and file systems

AIKED'05 Proceedings of the 4th WSEAS International Conference on Artificial Intelligence, Knowledge Engineering Data Bases
A real-time intrusion prevention system for commercial enterprise databases

SEPADS'05 Proceedings of the 4th WSEAS International Conference on Software Engineering, Parallel & Distributed Systems
A real-time intrusion prevention system for commercial enterprise databases and file systems

MMACTEE'08 Proceedings of the 10th WSEAS International Conference on Mathematical Methods and Computational Techniques in Electrical Engineering
Controlled Query Evaluation and Inference-Free View Updates

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
A formal model of data privacy

PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Historical and computational aspects of paraconsistency in view of the logic foundation of databases

Proceedings of the 2nd international conference on Semantics in databases
Confidentiality policies for controlled query evaluation

Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Requirements and protocols for inference-proof interactions in information systems

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Toward MLS database system with write downs

ACACOS'10 Proceedings of the 9th WSEAS international conference on Applied computer and applied computational science
A systematic literature review of inference strategies

International Journal of Information and Computer Security
Damage assessment and repair in attack resilient distributed database systems

Computer Standards & Interfaces
The relationship between reasoning about privacy and default logics

LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Controlled query evaluation with open queries for a decidable relational submodel

FoIKS'06 Proceedings of the 4th international conference on Foundations of Information and Knowledge Systems
Usability confinement of server reactions: maintaining inference-proof client views by controlled interaction execution

DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Inference-usability confinement by maintaining inference-proof views of an information system

International Journal of Computational Science and Engineering
Privacy preservation using multi-context systems and default logic

Correct Reasoning
Pragmatic XML access control using off-the-shelf RDBMS

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The addition of stringent security specifications to the list of requirements for an application poses many new problems in DBMS design and implementation, as well as database design, use, and maintenance. Tight security requirements, such as those that result in silent masking of witholding of true information from a user or the introduction of false information into query answers, also raise fundamental questions about the meaning of the database and the semantics of accompanying query languages. In this paper, we propose a belief-based semantics for secure databases, which provides a semantics for databases that can “lie” about the state of the world, or about their knowledge about the state of the world, in order to preserve security. This kind of semantics can be used as a helpful retrofit for the proposals for a “multilevel secure” database model (a particularly stringent form of security), and may be useful for less restrictive security policies as well. We also propose a family of query languages for multilevel secure relational database applications, and base the semantics of those languages on our semantics for secure databases. Our query languages are free of the semantic problems associated with use of ordinary SQL in a multilevel secure context, and should be easy for users to understand and employ.