Incorporating theory into database system development
Information Processing and Management: an International Journal
Security and inference in multilevel database and knowledge-base systems
SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
On the modes and meaning of feedback to transaction designers
SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
Database theory for supporting specification-based database system development
ICSE '85 Proceedings of the 8th international conference on Software engineering
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
Secure databases: protection against user influence
ACM Transactions on Database Systems (TODS)
The tracker: a threat to statistical database security
ACM Transactions on Database Systems (TODS)
A Formal System for Reasoning about Programs Accessing a Relational Database
ACM Transactions on Programming Languages and Systems (TOPLAS)
Database Security and Integrity
Database Security and Integrity
Automatic Verification of Database Transaction Safety
Automatic Verification of Database Transaction Safety
Static detection of security flaws in object-oriented databases
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
Constraints, Inference Channels and Secure Databases
CP '02 Proceedings of the 6th International Conference on Principles and Practice of Constraint Programming
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
The inference problem and updates in relational databases
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Dynamic disclosure monitor (D2Mon): an improved query processing solution
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
A scheme for inference problems using rough sets and entropy
RSFDGrC'05 Proceedings of the 10th international conference on Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing - Volume Part II
Unauthorized inferences in semistructured databases
Information Sciences: an International Journal
Inference-Proof view update transactions with minimal refusals
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Hi-index | 0.00 |
Some information in databases and knowledge bases often needs to be protected from disclosure to certain users. Traditional solutions involving multi-level mechanisms are threatened by the user's ability to infer higher level information from the semantics of the application. We concentrate on the revelation of secrets through a user running transactions in the presence of database integrity constraints. We develop a method of specifying secrets formally that not only exposes a useful structure and equivalence among secrets but also allows a theorem prover to detect certain security lapses during transaction compilation time.