Foundations of logic programming; (2nd extended ed.)
Foundations of logic programming; (2nd extended ed.)
Database security
Answering queries without revealing secrets
ACM Transactions on Database Systems (TODS)
For unknown secrecies refusal is better than lying
Data & Knowledge Engineering
Lying versus refusal for known potential secrets
Data Engineering
Foundations of Secure Deductive Databases
IEEE Transactions on Knowledge and Data Engineering
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
FoIKS '02 Proceedings of the Second International Symposium on Foundations of Information and Knowledge Systems
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
Annals of Mathematics and Artificial Intelligence
An epistemic framework for privacy protection in database linking
Data & Knowledge Engineering
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
Granulation as a privacy protection mechanism
Transactions on rough sets VII
Expression and enforcement of confidentiality policy in active databases
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
Probabilistic Inference Channel Detection and Restriction Applied to Patients' Privacy Assurance
International Journal of Information Security and Privacy
| Hi-index | 0.00 |
An important goal of security in information systems is confidentiality. A confidentiality policy specifies which users should be forbidden to acquire what kind of information, and a controlled query evaluation should enforce such a policy even if users are able to reason about a priori knowledge and the answers to previous queries. We put the following aspects into a unifying and comprehensive framework: formal models of confidentiality policies based on potential secrets or secrecies, user awareness of the policy instance, and enforcement methods applying either lying or refusal, or a combination of lying and refusal. Two new evaluation methods are introduced. Different approaches are systematically compared and evaluated.