Incomplete Information in Relational Databases
Journal of the ACM (JACM)
Database system concepts
Principles of database and knowledge-base systems, Vol. I
Principles of database and knowledge-base systems, Vol. I
IEEE Transactions on Software Engineering
Indefinite and maybe information in relational databases
ACM Transactions on Database Systems (TODS)
Deriving production rules for constraint maintenance
Proceedings of the sixteenth international conference on Very large databases
Set-oriented production rules in relational database systems
SIGMOD '90 Proceedings of the 1990 ACM SIGMOD international conference on Management of data
The modeling and representation of security semantics for database applications
The modeling and representation of security semantics for database applications
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
A logic for reasoning about security
ACM Transactions on Computer Systems (TOCS)
Multilevel secure rules: integrating the multilevel secure and active data models
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Inference through secondary path analysis
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Tuple-level vs. element-level classification
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
A model-theoretic semantics of the multilevel relational model
EDBT '94 Proceedings of the 4th international conference on extending database technology: Advances in database technology
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
A lattice model of secure information flow
Communications of the ACM
Declarative Foundations of Secure Deductive Databases
ICDT '92 Proceedings of the 4th International Conference on Database Theory
Entity Modeling in the MLS Relational Model
VLDB '92 Proceedings of the 18th International Conference on Very Large Data Bases
A Modal Logic Framework to Solve Aggregation Problems
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Polyinstantation for Cover Stories
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Inference Channel-Free Integrity Constraints in Multilevel Relational Databases
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Joining relations in the belief-consistent multilevel secure relational model
ACM-SE 36 Proceedings of the 36th annual Southeast regional conference
Minimal data upgrading to prevent inference and association attacks
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Belief reasoning in MLS deductive databases
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
A Semantic Framework of the Multilevel Secure Relational Model
IEEE Transactions on Knowledge and Data Engineering
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
ODAR: an on-the-fly damage assessment and repair system for commercial database applications
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
Integration and Efficient Lookup of Compressed XML Accessibility Maps
IEEE Transactions on Knowledge and Data Engineering
On logical foundations of multilevel secure databases
Journal of Intelligent Information Systems - Special issue: Database and applications security
Real-time data attack isolation for commercial database applications
Journal of Network and Computer Applications
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A real-time intrusion prevention system for commercial enterprise databases and file systems
AIKED'05 Proceedings of the 4th WSEAS International Conference on Artificial Intelligence, Knowledge Engineering Data Bases
A real-time intrusion prevention system for commercial enterprise databases
SEPADS'05 Proceedings of the 4th WSEAS International Conference on Software Engineering, Parallel & Distributed Systems
A real-time intrusion prevention system for commercial enterprise databases and file systems
MMACTEE'08 Proceedings of the 10th WSEAS International Conference on Mathematical Methods and Computational Techniques in Electrical Engineering
Controlled Query Evaluation and Inference-Free View Updates
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
A formal model of data privacy
PSI'06 Proceedings of the 6th international Andrei Ershov memorial conference on Perspectives of systems informatics
Historical and computational aspects of paraconsistency in view of the logic foundation of databases
Proceedings of the 2nd international conference on Semantics in databases
Confidentiality policies for controlled query evaluation
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Toward MLS database system with write downs
ACACOS'10 Proceedings of the 9th WSEAS international conference on Applied computer and applied computational science
A systematic literature review of inference strategies
International Journal of Information and Computer Security
Damage assessment and repair in attack resilient distributed database systems
Computer Standards & Interfaces
The relationship between reasoning about privacy and default logics
LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Controlled query evaluation with open queries for a decidable relational submodel
FoIKS'06 Proceedings of the 4th international conference on Foundations of Information and Knowledge Systems
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Privacy preservation using multi-context systems and default logic
Correct Reasoning
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
The addition of stringent security specifications to the list of requirements for an application poses many new problems in DBMS design and implementation, as well as database design, use, and maintenance. Tight security requirements, such as those that result in silent masking of witholding of true information from a user or the introduction of false information into query answers, also raise fundamental questions about the meaning of the database and the semantics of accompanying query languages. In this paper, we propose a belief-based semantics for secure databases, which provides a semantics for databases that can “lie” about the state of the world, or about their knowledge about the state of the world, in order to preserve security. This kind of semantics can be used as a helpful retrofit for the proposals for a “multilevel secure” database model (a particularly stringent form of security), and may be useful for less restrictive security policies as well. We also propose a family of query languages for multilevel secure relational database applications, and base the semantics of those languages on our semantics for secure databases. Our query languages are free of the semantic problems associated with use of ordinary SQL in a multilevel secure context, and should be easy for users to understand and employ.