Dynamic policy adaptation for inference control of queries to a propositional information system

Journal of Computer Security

Volumn 20, Issue 5, 2012, Pages 509-546

  Biskup, Joachim ^a  

^a TU DORTMUND UNIVERSITY   (Germany)

Author keywords

A priori knowledge; closed query; confidentiality policy; Controlled Query Evaluation; disjunctive form; implication problem; inference control; information system; interaction history; policy adaptation; prime implicant; propositional logic; refusal; SAT solving; theorem proving; view

Indexed keywords

CLOSED QUERY; DISJUNCTIVE FORM; IMPLICATION PROBLEM; INFERENCE CONTROL; INTERACTION HISTORY; POLICY ADAPTATION; PRIME IMPLICANTS; PRIORI KNOWLEDGE; PROPOSITIONAL LOGIC; QUERY EVALUATION; REFUSAL; SAT-SOLVING; VIEW;

DATA STRUCTURES; FORMAL LOGIC; INFORMATION SYSTEMS; THEOREM PROVING;

QUERY PROCESSING;

EID: 84872247674     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-2012-0450     Document Type: Conference Paper

References (41)

1. S. Abiteboul, R. Hull and V. Vianu, Foundations of Databases, Addison-Wesley, Reading, MA, 1995.
2. D.E. Bell and L.J. LaPadula, Secure computer systems: a mathematical model, Vol. II, J. Comput. Secur. 4(2, 3) (1996), 229-263.
3. E. Bertino, F. Buccafurri, E. Ferrari and P. Rullo, A logic-based approach for enforcing access control, J. Comput. Secur. 8(2, 3) (2000), 109-139.
4. J. Biskup, For unknown secrecies refusal is better than lying, Data Knowl. Eng. 33(1) (2000), 1-23. (Pubitemid 30568314)
5. J. Biskup, Security in Computing Systems-Challenges, Approaches and Solutions, Springer, Berlin/Heidelberg, 2009.
6. J. Biskup, Usability confinement of server reactions maintaining inference-proof client views by controlled interaction execution, in: Databases in Networked Information Systems, S. Kikuchi, S. Sachdeva and S. Bhalla, eds, Lecture Notes in Computer Science, Vol. 5999, Springer, Berlin/Heidelberg, 2010, pp. 80-106.
7. J. Biskup, History-dependent inference control of queries by dynamic policy adaption, in: Y. Li, ed., Data and Applications Security and Privacy, Lecture Notes in Computer Science, Vol. 6818, Springer, Berlin/Heidelberg, 2011, pp. 106-121.
8. J. Biskup, Inference control, in: Encyclopedia of Cryptography and Security, 2nd edn, H.C.A. van Tilborg and S. Jajodia, eds, Springer, Berlin/Heidelberg, 2011, pp. 600-605.
9. J. Biskup, Inference-usability confinement by maintaining inference-proof views of an information system, Int. J. Comput. Sci. Eng. 7(1) (2012), 17-37.
10. J. Biskup and P.A. Bonatti, Lying versus refusal for known potential secrets, Data Knowl. Eng. 38(2) (2001), 199-222. (Pubitemid 32698732)
11. J. Biskup and P.A. Bonatti, Controlled query evaluation for enforcing confidentiality in complete information systems, Int. J. Inf. Sec. 3(1) (2004), 14-27.
12. J. Biskup and P.A. Bonatti, Controlled query evaluation with open queries for a decidable relational submodel, Ann. Math. Artif. Intell. 50(1, 2) (2007), 39-77.
13. J. Biskup, D.W. Embley and J.-H. Lochner, Reducing inference control to access control for normalized database schemas, Inf. Process. Lett. 106(1) (2008), 8-12. (Pubitemid 351199847)
14. J. Biskup, C. Gogolin, J. Seiler and T. Weibert, Inference-proof view update transactions with forwarded refreshments, J. Comput. Secur. 19 (2011), 487-529.
15. J. Biskup, S. Hartmann, S. Link and J.-H. Lochner, Efficient inference control for open relational queries, in: Database and Applications Security, S. Foresti and S. Jajodia, eds, Lecture Notes in Computer Science, Vol. 6166, Springer, Berlin/Heidelberg, 2010, pp. 162-176.
16. J. Biskup and J. Parthe, Optimistic anonymous participation in inter-organizational workflow instances, in: Information Systems Security, A. Bagchi and V. Atluri, eds, Lecture Notes in Computer Science, Vol. 4332, Springer, Berlin/Heidelberg, 2006, pp. 86-100.
17. J. Biskup and C. Tadros, Inference-proof view update transactions with minimal refusals, in: Data Privacy Management and Autonomous Spontaneous Security, J. Garcia-Alfaro, G. Navarro-Arribas, N. Cuppens-Boulahia and S. De Capitani di Vimercati, eds, Lecture Notes in Computer Science, Vol. 7122, Springer, Berlin/Heidelberg, 2012, pp. 104-121.
18. J. Biskup and T. Weibert, Keeping secrets in incomplete databases, Int. J. Inf. Sec. 7(3) (2008), 199-217. (Pubitemid 351722211)
19. J. Biskup and L. Wiese, Preprocessing for controlled query evaluation with availability policy, J. Comput. Secur. 16(4) (2008), 477-494.
20. J. Biskup and L. Wiese, A sound and complete model-generation procedure for consistent and confidentiality-preserving databases, Theoret. Comput. Sci. 412 (2011), 4044-4072.
21. L. Bordeaux, Y. Hamadi and L. Zhang, Propositional satisfiability and constraint programming: a comparative survey, ACM Comput. Surv. 38(4) (2006), 121-1254.
22. Y. Chen and W.W. Chu, Protection of database security via collaborative inference detection, IEEE Trans. Knowl. Data Eng. 20(8) (2008), 1013-1027.
23. P. Clote and E. Kranakis, Boolean Functions and Computation Models, Springer, Berlin/Heidelberg, 2002.
24. S.A. Cook, The complexity of theorem-proving procedures, in: Proc. Symposium on Theory of Computing, M.A. Harrison, R.B. Banerji and J.D. Ullman, eds, ACM Press, New York, 1971, pp. 151-158.
25. M. Davis, G. Logemann and D.W. Loveland, A machine program for theorem-proving, Commun. ACM 5(7) (1962), 394-397.
26. M. Davis and H. Putnam, A computing procedure for quantification theory, J. ACM 7(3) (1960), 201-215.
27. G. De Micheli, Synthesis and Optimization of Digital Circuits, McGraw-Hill, New York, 1994.
28. D.E. Denning, Cryptography and Data Security, Addison-Wesley, Reading, MA, 1982.
29. C. Farkas and S. Jajodia, The inference problem: a survey, SIGKDD Explorations 4(2) (2002), 6-11.
30. S. Jajodia, P. Samarati, M.L. Sapino and V.S. Subrahmanian, Flexible support for multiple access control policies, ACM Trans. Database Syst. 26(2) (2001), 214-260. (Pubitemid 33661632)
31. H. Katebi, K.A. Sakallah and J.P. Marques-Silva, Empirical study of the anatomy of modern SAT solvers, in: Theory and Applications of Satisfiability Testing, K.A. Sakallah and L. Simon, eds, Lecture Notes in Computer Science, Vol. 6695, Springer, Berlin/Heidelberg, 2011, pp. 343-356.
32. R. Kaushik and R. Ramamurthy, Efficient auditing for complex SQL queries, in: Proc. ACM SIG-MOD International Conference on Management of Data, T.K. Sellis, R.J. Miller, A. Kementsietsidis and Y. Velegrakis, eds, ACM Press, New York, 2011, pp. 697-708.
33. K. Knorr, Dynamic access control through Petri net workflows, in: Proc. Annual Computer Security Applications Conference, IEEE Computer Society, Los Alamitos, CA, 2000, pp. 159-167.
34. K. Ligatti and S. Reddy, A theory of runtime enforcement, with results, in: Proc. European Symposium on Research in Computer Security, D. Gritzalis, B. Preneel and M. Theoharidou, eds, Lecture Notes in Computer Science, Vol. 6345, Springer, Berlin/Heidelberg, 2010, pp. 87-100.
35. S. Malik and L. Zhang, Boolean satisfiability from theoretical hardness to practical success, Commun. ACM 52(8) (2009), 76-82.
36. G. Miklau and D. Suciu, A formal analysis of information disclosure in data exchange, J. Comput. Syst. Sci. 73(3) (2007), 507-534. (Pubitemid 46027076)
37. R. Motwani, S.U. Nabar and D. Thomas, Auditing SQL queries, in: Proc. International Conference on Data Engineering, G. Alonso, J.A. Blakeley and A.L.P. Chen, eds, IEEE Computer Society, Los Alamitos, CA, 2008, pp. 287-296.
38. F.B. Schneider, Enforceable security policies, ACM Trans. Inf. Syst. Secur. 3(1) (2000), 30-50.
39. G.L. Sicherman, W. de Jonge and R.P. van de Riet, Answering queries without revealing secrets, ACM Trans. Database Syst. 8(1) (1983), 41-59. (Pubitemid 13503447)
40. I. Wegener, The Complexity of Boolean Functions, Wiley, Chichester and Teubner, Stuttgart, 1987.
41. Z. Zhang and A.O. Mendelzon, Authorization views and conditional query containment, in International Conference on Database Theory, T. Eiter and L. Libkin, eds, Lecture Notes in Computer Science, Vol. 3363, Springer, Berlin/Heidelberg, 2005, pp. 259-273.