Static detection of security flaws in object-oriented databases
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
Controlling Aggregation in Distributed Object Systems: A Graph-Based Approach
IEEE Transactions on Parallel and Distributed Systems
Wizard: A Database Inference Analysis and Detection System
IEEE Transactions on Knowledge and Data Engineering
Protecting Respondents' Identities in Microdata Release
IEEE Transactions on Knowledge and Data Engineering
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
DMKD '03 Proceedings of the 8th ACM SIGMOD workshop on Research issues in data mining and knowledge discovery
Proceedings of the 11th ACM conference on Computer and communications security
Privacy intrusion detection using dynamic Bayesian networks
ICEC '06 Proceedings of the 8th international conference on Electronic commerce: The new e-commerce: innovations for conquering current barriers, obstacles and limitations to conducting successful business on the internet
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Self-enforcing Private Inference Control
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Semantics-aware security policy specification for the semantic web data
International Journal of Information and Computer Security
Monitoring information leakage during query aggregation
ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology
Suppressing microdata to prevent classification based inference
The VLDB Journal — The International Journal on Very Large Data Bases
A systematic literature review of inference strategies
International Journal of Information and Computer Security
Protecting privacy of sensitive value distributions in data release
STM'10 Proceedings of the 6th international conference on Security and trust management
Modeling and preventing inferences from sensitive value distributions in data release
Journal of Computer Security - STM'10
| Hi-index | 0.00 |
Multilevel relational database systems store information at different security classifications. An inference problem exists if it is possible for a user with a low-level clearance to draw conclusions about information at higher classifications. We are developing DISSECT, a tool for analyzing multilevel relational database schemas to assist in the detection and eliminationof inference problems. A translation is defined from schemas to an equivalent graph representation, which can be presented graphically in DISSECT. The initial focus is on detection of inference problems that depend only on information all of which is stored inthe database. In particular, we identify us potential inference problems different sequences of foreign key relationships that connect the same entities. Inferences can be blocked by upgrading the security classification of some of foreign key relationships. We suggest aglobal optimization approach to upgrading to block a set of inference problems that U11OWSupgrade costs to be considered and supports security categories as wellas levels.