The complexity of Boolean functions
The complexity of Boolean functions
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
A Computing Procedure for Quantification Theory
Journal of the ACM (JACM)
For unknown secrecies refusal is better than lying
Data & Knowledge Engineering
ACM Transactions on Information and System Security (TISSEC)
A machine program for theorem-proving
Communications of the ACM
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Lying versus refusal for known potential secrets
Data Engineering
Synthesis and Optimization of Digital Circuits
Synthesis and Optimization of Digital Circuits
Foundations of Databases: The Logical Level
Foundations of Databases: The Logical Level
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Dynamic access control through Petri net workflows
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
The complexity of theorem-proving procedures
STOC '71 Proceedings of the third annual ACM symposium on Theory of computing
Propositional Satisfiability and Constraint Programming: A comparative survey
ACM Computing Surveys (CSUR)
A formal analysis of information disclosure in data exchange
Journal of Computer and System Sciences
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Keeping secrets in incomplete databases
International Journal of Information Security
Preprocessing for controlled query evaluation with availability policy
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Protection of Database Security via Collaborative Inference Detection
IEEE Transactions on Knowledge and Data Engineering
Security in Computing Systems: Challenges, Approaches and Solutions
Security in Computing Systems: Challenges, Approaches and Solutions
Boolean satisfiability from theoretical hardness to practical success
Communications of the ACM - A Blind Person's Interaction with Technology
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Efficient inference control for open relational queries
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
A theory of runtime enforcement, with results
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Efficient auditing for complex SQL queries
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Theoretical Computer Science
Inference-proof view update transactions with forwarded refreshments
Journal of Computer Security - DBSEC 2008
Empirical study of the anatomy of modern sat solvers
SAT'11 Proceedings of the 14th international conference on Theory and application of satisfiability testing
History-dependent inference control of queries by dynamic policy adaption
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Authorization views and conditional query containment
ICDT'05 Proceedings of the 10th international conference on Database Theory
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Optimistic anonymous participation in inter-organizational workflow instances
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
Inference-Proof view update transactions with minimal refusals
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
| Hi-index | 0.00 |
Policy-based inference control of queries submitted to a logic-oriented information system aims at confining answers to queries such that the user cannot infer the validity of any sentence specified in a confidentiality policy. Such a control requires us to consider the history of queries and answers to a particular user. In most previous approaches, the control system captures the history by maintaining a fictitious view the user is supposed to generate by exploiting rational reasoning. In this paper, we propose and explore an alternative option to represent the history, namely by suitably adapting the confidentiality policy after returning an answer to a query. Basically, such a policy adaptation precomputes all relevant steps of formal proofs that the fictitious view logically implies some policy element. Focusing on propositional information systems, we present a comprehensive protocol for policy adaptation, which always keeps the current version of the confidentiality policy redundancy-free and fully vulnerable. This protocol is formally proved to be effective by a reduction argument, showing that policy adaptation is able to simulate the achievements of maintaining a view. We also briefly discuss the efficiency for special cases under dedicated data structures.