A blackboard architecture for control
Artificial Intelligence
An introduction to database systems: vol. I (4th ed.)
An introduction to database systems: vol. I (4th ed.)
Artificial Intelligence
The role of constraints in databases, expert systems, and knowledge representation
Proceedings from the first international workshop on Expert database systems
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
Constraint Equations: Declarative Expression of Constraints With Automatic Enforcement
VLDB '84 Proceedings of the 10th International Conference on Very Large Data Bases
Resolving the tension between integrity and security using a theorem prover
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Mandatory security in object-oriented database systems
OOPSLA '89 Conference proceedings on Object-oriented programming systems, languages and applications
Security-control methods for statistical databases: a comparative study
ACM Computing Surveys (CSUR)
Modeling Security-Relevant Data Semantics
IEEE Transactions on Software Engineering
Current status of R&D in trusted database management systems
ACM SIGMOD Record
CIKM '93 Proceedings of the second international conference on Information and knowledge management
Static detection of security flaws in object-oriented databases
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
Formal semantics of confidentiality in multilevel logic databases
NSPW '94 Proceedings of the 1994 workshop on New security paradigms
Minimal data upgrading to prevent inference and association attacks
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Controlling FD and MVD Inferences in Multilevel Relational Database Systems
IEEE Transactions on Knowledge and Data Engineering
Wizard: A Database Inference Analysis and Detection System
IEEE Transactions on Knowledge and Data Engineering
Security against Inference Attacks on Negative Information in Object-Oriented Databases
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Data mining, national security, privacy and civil liberties
ACM SIGKDD Explorations Newsletter
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Privacy constraint processing in a privacy-enhanced database management system
Data & Knowledge Engineering
A database security course on a shoestring
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Journal of Computer and System Sciences
Structural signatures for tree data structures
Proceedings of the VLDB Endowment
Accurate and large-scale privacy-preserving data mining using the election paradigm
Data & Knowledge Engineering
Multilevel secure rules and its impact on the design of active database systems
BNCOD'03 Proceedings of the 20th British national conference on Databases
Verification of the security against inference attacks on XML databases
APWeb'08 Proceedings of the 10th Asia-Pacific web conference on Progress in WWW research and development
A systematic literature review of inference strategies
International Journal of Information and Computer Security
Online anonymity protection in computer-mediated communication
IEEE Transactions on Information Forensics and Security
Inference aggregation detection in database management systems
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Controlling logical inference in multilevel database systems
SP'88 Proceedings of the 1988 IEEE conference on Security and privacy
Enhanced insider threat detection model that increases data availability
ICDCIT'11 Proceedings of the 7th international conference on Distributed computing and internet technology
An inference detection algorithm based on related tuples mining
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Mitigation of malicious modifications by insiders in databases
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Event detection in multilevel secure active databases
ICISS'05 Proceedings of the First international conference on Information Systems Security
Fake injection strategies for private phonetic matching
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Crafting a balance between big data utility and protection in the semantic data cloud
Proceedings of the 3rd International Conference on Web Intelligence, Mining and Semantics
| Hi-index | 0.00 |
This paper addresses the threat to multilevel security that arises from logical inference and the semantics of the application. Such compromises of security are particularly challenging since they circumvent traditional security mechanisms and rely on a user's knowledge of the application. The problems of inference and security have heretofore been amorphous and difficult to circumscribe. We focus on these problems in the context of a multilevel database system and show their relevance to knowledge-based systems, sometimes referred to as expert systems. Here we establish a framework for studying these inference control problems, describe a representation for relevant semantics of the application, develop criteria for safety and security of a system to prevent these problems, and outline algorithms for enforcing these criteria.