Security checking in relational database management systems augmented with inference engines
Computers and Security
Resolving the tension between integrity and security using a theorem prover
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
On inference control in semantic data models for statistical databases
Journal of Computer and System Sciences
Privacy lost, anytime, anywhere
Communications of the ACM
Clearing the way for physicians' use of clinical information systems
Communications of the ACM
Privacy, information technology, and health care
Communications of the ACM
Web security sourcebook
Security issues for data warehousing and data mining
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
A framework for inference-directed data mining
Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects
Web security: a step-by-step reference guide
Web security: a step-by-step reference guide
Minimal data upgrading to prevent inference and association attacks
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
WWW '99 Proceedings of the eighth international conference on World Wide Web
Controlled access and dissemination of XML documents
Proceedings of the 2nd international workshop on Web information and data management
DTD inference for views of XML data
PODS '00 Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Privacy-preserving data mining
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Using sample size to limit exposure to data mining
Journal of Computer Security - Special issue on database security
On the design and quantification of privacy preserving data mining algorithms
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Cryptography and data security
Cryptography and data security
The Semantic Web: The Roles of XML and RDF
IEEE Internet Computing
Design of LDV: A Multilevel Secure Relational Database Management
IEEE Transactions on Knowledge and Data Engineering
Controlling FD and MVD Inferences in Multilevel Relational Database Systems
IEEE Transactions on Knowledge and Data Engineering
Inference in MLS Database Systems
IEEE Transactions on Knowledge and Data Engineering
Wizard: A Database Inference Analysis and Detection System
IEEE Transactions on Knowledge and Data Engineering
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
Some Privacy Issues in Knowledge Discovery: The OECD Personal Privacy Guidelines
IEEE Expert: Intelligent Systems and Their Applications
The Personal Model of Data - Towards a Privacy Oriented Information System (Extended Abstract)
Proceedings of the Fifth International Conference on Data Engineering
Current Issues in Statistical Database Security
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Web Implementation of a Securtty Mediator for Medical Databases
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Controlled Query Evaluation for Known Policies by Combining Lying and Refusal
FoIKS '02 Proceedings of the Second International Symposium on Foundations of Information and Knowledge Systems
Data-Security in Heterogeneous Agent Systems
CIA '98 Proceedings of the Second International Workshop on Cooperative Information Agents II, Learning, Mobility and Electronic Commerce for Information Discovery on the Internet
Dynamic Aspects of the InfoPriv Model for Information Privacy
DEXA '98 Proceedings of the 9th International Workshop on Database and Expert Systems Applications
Privacy and Confidentiality in Healthcare Delivery Information System
CBMS '99 Proceedings of the 12th IEEE Symposium on Computer-Based Medical Systems
Data Level Inference Detection in Database Systems
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Concepts and Architecture of a Security-Centric Mobile Agent Server
ISADS '01 Proceedings of the Fifth International Symposium on Autonomous Decentralized Systems
Elimination of Inference Channels by Optimal Upgrading
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge Discovery
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
When do data mining results violate privacy?
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Proceedings of the 11th ACM conference on Computer and communications security
Technology and Web User Data Privacy: A Survey of Risks and Countermeasures
IEEE Security and Privacy
A privacy-sensitive approach to distributed clustering
Pattern Recognition Letters - Special issue: Advances in pattern recognition
Template-Based Privacy Preservation in Classification Problems
ICDM '05 Proceedings of the Fifth IEEE International Conference on Data Mining
Ontology guided XML security engine
Journal of Intelligent Information Systems - Special issue: Database and applications security
On tracker attacks in health grids
Proceedings of the 2006 ACM symposium on Applied computing
Towards a framework for connection anonymity
SAICSIT '05 Proceedings of the 2005 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries
An integer programming approach for frequent itemset hiding
CIKM '06 Proceedings of the 15th ACM international conference on Information and knowledge management
Handicapping attacker's confidence: an alternative to k-anonymization
Knowledge and Information Systems
Privacy-preserving agent-based distributed data clustering
Web Intelligence and Agent Systems
Distributed access control: a privacy-conscious approach
Proceedings of the 12th ACM symposium on Access control models and technologies
Seven privacy worries in ubiquitous social computing
Proceedings of the 3rd symposium on Usable privacy and security
Controlled query evaluation with open queries for a decidable relational submodel
Annals of Mathematics and Artificial Intelligence
A privacy-preserving index for range queries
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Reducing inference control to access control for normalized database schemas
Information Processing Letters
Detecting privacy leaks using corpus-based association rules
Proceedings of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining
Preprocessing for controlled query evaluation with availability policy
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Cloaking games in location based services
Proceedings of the 2008 ACM workshop on Secure web services
Disclosure Analysis and Control in Statistical Databases
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Privacy-preserving data mashup
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
An efficient online auditing approach to limit private data disclosure
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
Controlled Query Evaluation and Inference-Free View Updates
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Self-enforcing Private Inference Control
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Distributed data mining and agents
Engineering Applications of Artificial Intelligence
Inference in distributed data clustering
Engineering Applications of Artificial Intelligence
Semantics-aware security policy specification for the semantic web data
International Journal of Information and Computer Security
Privacy-preserving data publishing: A survey of recent developments
ACM Computing Surveys (CSUR)
Confidentiality policies for controlled query evaluation
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
New paradigm of inference control with trusted computing
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Inference control in logic databases as a constraint satisfaction problem
ICISS'07 Proceedings of the 3rd international conference on Information systems security
A framework to enforce access control over data streams
ACM Transactions on Information and System Security (TISSEC)
Requirements and protocols for inference-proof interactions in information systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Suppressing microdata to prevent classification based inference
The VLDB Journal — The International Journal on Very Large Data Bases
HengHa: data harvesting detection on hidden databases
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Efficient inference control for open relational queries
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Private information disclosure from web searches
PETS'10 Proceedings of the 10th international conference on Privacy enhancing technologies
Proceedings of the FSE/SDP workshop on Future of software engineering research
Privacy disclosure analysis and control for 2D contingency tables containing inaccurate data
PSD'10 Proceedings of the 2010 international conference on Privacy in statistical databases
Query-based access control for ontologies
RR'10 Proceedings of the Fourth international conference on Web reasoning and rule systems
Privacy-preserving publishing microdata with full functional dependencies
Data & Knowledge Engineering
Enhanced insider threat detection model that increases data availability
ICDCIT'11 Proceedings of the 7th international conference on Distributed computing and internet technology
Anonymity meets game theory: secure data integration with malicious participants
The VLDB Journal — The International Journal on Very Large Data Bases
Opacity analysis in trust management systems
ISC'11 Proceedings of the 14th international conference on Information security
On the inference-proofness of database fragmentation satisfying confidentiality constraints
ISC'11 Proceedings of the 14th international conference on Information security
On finding an inference-proof complete database for controlled query evaluation
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Requirements of information reductions for cooperating intrusion detection agents
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Dynamic disclosure monitor (D2Mon): an improved query processing solution
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Suppressing microdata to prevent probabilistic classification based inference
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Sanitization of databases for refined privacy trade-offs
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Design by example for SQL table definitions with functional dependencies
The VLDB Journal — The International Journal on Very Large Data Bases
A model-theoretic approach to data anonymity and inference control
Proceedings of the second ACM conference on Data and Application Security and Privacy
Inference on distributed data clustering
MLDM'05 Proceedings of the 4th international conference on Machine Learning and Data Mining in Pattern Recognition
An inference detection algorithm based on related tuples mining
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Controlled query evaluation with open queries for a decidable relational submodel
FoIKS'06 Proceedings of the 4th international conference on Foundations of Information and Knowledge Systems
Information theory and the security of binary data perturbation
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
A unified framework for heterogeneous patterns
Information Systems
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Disclosure analysis for two-way contingency tables
PSD'06 Proceedings of the 2006 CENEX-SDC project international conference on Privacy in Statistical Databases
Predicting and preventing insider threat in relational database systems
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
A generic approach for correcting access restrictions to a consequence
ESWC'10 Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part I
Mitigation of malicious modifications by insiders in databases
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Inference-usability confinement by maintaining inference-proof views of an information system
International Journal of Computational Science and Engineering
ACM Transactions on Database Systems (TODS)
An information theoretic framework for web inference detection
Proceedings of the 5th ACM workshop on Security and artificial intelligence
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
Probabilistic Inference Channel Detection and Restriction Applied to Patients' Privacy Assurance
International Journal of Information Security and Privacy
Dynamic policy adaptation for inference control of queries to a propositional information system
Journal of Computer Security - DBSec 2011
Information flow in trust management systems
Journal of Computer Security - CSF 2010
Hi-index | 0.01 |
Access control models protect sensitive data from unauthorized disclosure via direct accesses, however, they fail to prevent indirect accesses. Indirect data disclosure via inference channels occurs when sensitive information can be inferred from non-sensitive data and metadata. Inference channels are often low-bandwidth and complex; nevertheless, detection and removal of inference channels is necessary to guarantee data security. This paper presents a survey of the current and emerging research in data inference control and emphasizes the importance of targeting this so often overlooked problem during database security design.