Resolving the tension between integrity and security using a theorem prover
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Logical foundations of multilevel databases
Data & Knowledge Engineering
Update semantics of relational views
ACM Transactions on Database Systems (TODS)
Multilevel secure transaction processing
Journal of Computer Security
Foundations of Databases: The Logical Level
Foundations of Databases: The Logical Level
Privacy-Preserving Data Mining: Models and Algorithms
Privacy-Preserving Data Mining: Models and Algorithms
Preprocessing for controlled query evaluation with availability policy
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Theoretical Computer Science
Inference-proof view update transactions with forwarded refreshments
Journal of Computer Security - DBSEC 2008
Enforcing confidentiality and data visibility constraints: an OBDD approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Revising belief without revealing secrets
FoIKS'12 Proceedings of the 7th international conference on Foundations of Information and Knowledge Systems
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Hi-index | 0.00 |
Publishing information to clients of an information system may leak confidential information. Even more, update transaction protocols must ensure both integrity and confidentiality of information which results in a conflicting situation rather involved. To avoid confidentiality breaches, previous work allow views with misinformation provided to clients. In order to maintain correctness and reliability of information, we propose query and update protocols that refuse client requests for the sake of confidentiality. Further, this article focuses on availability of information in two ways: confidentiality policy specification can impose less strict confidentiality in favor of availability; the proposed transaction protocol is shown to be as cooperative and to provide as much information as possible among a discussed class of transaction protocols. Regarding the confidentiality policy, in our approach the security administrator can choose between protecting only sensitive information in the current instance or even outdated information of previous instances.