Secure Query-Processing Strategies
Computer
Mandatory security in object-oriented database systems
OOPSLA '89 Conference proceedings on Object-oriented programming systems, languages and applications
Towards the design of a secure data/knowledge base management system
Data & Knowledge Engineering
Inference secure multilevel databases
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
Randomized algorithms
Introduction to Coding Theory
The Use of Conceptual Structures for Handling the Inference Problem
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Implementation Considerations for Inference Detection: Intended vs. Actual Classification
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Layered Knowledge Chunks for Database Inference
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Enhancing the Controlled Disclosure of Sensitive Information
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Efficient Trace and Revoke Schemes
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
Data mining, national security, privacy and civil liberties
ACM SIGKDD Explorations Newsletter
Data Level Inference Detection in Database Systems
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Detection and Elimination of Inference Channels in Multilevel Relational Database Systems
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Elimination of Inference Channels by Optimal Upgrading
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Catalytic Inference Analysis: Detecting Inference Threats due to Knowledge Discovery
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Multilevel security: privacy by design
Crossroads
Proceedings of the 11th ACM conference on Computer and communications security
Privacy intrusion detection using dynamic Bayesian networks
ICEC '06 Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
Safety in automated trust negotiation
ACM Transactions on Information and System Security (TISSEC)
Reasoning about obfuscated private information: who have lied and how to lie
Proceedings of the 5th ACM workshop on Privacy in electronic society
Dynamic inference control in privacy preference enforcement
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Detecting Inference Channels in Private Multimedia Data via Social Networks
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Confidentiality policies for controlled query evaluation
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
A systematic literature review of inference strategies
International Journal of Information and Computer Security
Privacy preserving via tree augmented naïve Bayesian classifier in multimedia database
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
A scheme for inference problems using rough sets and entropy
RSFDGrC'05 Proceedings of the 10th international conference on Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing - Volume Part II
A model-theoretic approach to data anonymity and inference control
Proceedings of the second ACM conference on Data and Application Security and Privacy
Temporal context lie detection and generation
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
Auditing and inference control for privacy preservation in uncertain environments
EuroSSC'06 Proceedings of the First European conference on Smart Sensing and Context
| Hi-index | 0.00 |
An inference problem exists in a multilevel database if knowledge of some objects in the database allows information with a higher security level to be inferred. Many such inferences may be prevented prior to any query processing by raising the security level of some of the objects, however this inevitably impedes information access, as a user with low authorization who queries just one of the objects with raised security must seek clearance even when not in danger of making the inference. More flexible access control is possible when inferences are prevented during query processing, however this practice can result in slow query response times. We demonstrate that access control can be made sufficiently dynamic to ensure easy access to the information users are entitled to, while retaining fast query processing. Our inference control schemes provide collusion resistance and have a query processing time that depends only on the length of the inference channels (not on the length of user query histories). In addition, our schemes provide a property we call crowd control that goes beyond collusion resistance to ensure that if a large number of users have queried all but one of the objects in an inference channel, then no one will be able to query the remaining object regardless of the level of collusion resistance provided by the scheme.