Reducing inference control to access control for normalized database schemas

被引：36

作者：

Biskup, Joachim ^{[1
]}

Embley, David W. ^{[2
]}

Lochner, Jan-Hendrik ^{[1
]}

机构：

[1] Univ Dortmund, Fachbereich Informat, D-44221 Dortmund, Germany

[2] Brigham Young Univ, Dept Comp Sci, Provo, UT 84602 USA

来源：

INFORMATION PROCESSING LETTERS | 2008年 / 106卷 / 01期

关键词：

access control; controlled query evaluation; databases; inference control; safety/security in digital systems;

D O I：

10.1016/j.ipl.2007.09.007

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Considering relational databases, controlled query evaluation preserves confidentiality even under inferences but at the expense of efficiency. Access control, however, enables efficiently computable access decisions but cannot automatically assure confidentiality because of missing inference control. In this paper we investigate constraints sufficient to eliminate (nontrivial) inferences in relational databases with the objective of replacing controlled query evaluation by access control mechanisms under preservation of confidentiality. (c) 2007 Elsevier B.V. All rights reserved.

引用

页码：8 / 12

页数：5

共 15 条

[1] Controlled query evaluation for known policies by combining lying and refusal [J].

Biskup, J ;

Bonatti, PA .

ANNALS OF MATHEMATICS AND ARTIFICIAL INTELLIGENCE, 2004, 40 (1-2) :37-62

[2] BOYCE-CODD NORMAL-FORM AND OBJECT NORMAL FORMS [J].

BISKUP, J .

INFORMATION PROCESSING LETTERS, 1989, 32 (01) :29-33

[3] Lying versus refusal for known potential secrets [J].

Biskup, J ;

Bonatti, PA .

DATA & KNOWLEDGE ENGINEERING, 2001, 38 (02) :199-222

[4]

Biskup J., 2004, Int. J. Inf. Sec, V3, P14, DOI DOI 10.1007/S10207-004-0032-1

[5] FOUNDATIONS OF SECURE DEDUCTIVE DATABASES [J].

BONATTI, PA ;

KRAUS, S ;

SUBRAHMANIAN, VS .

IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 1995, 7 (03) :406-422

[6] Secure databases: Constraints, inference channels, and monitoring disclosures [J].

Brodsky, A ;

Farkas, C ;

Jajodia, S .

IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2000, 12 (06) :900-919

[7] Logical foundations of multilevel databases [J].

Cuppens, F ;

Gabillon, A .

DATA & KNOWLEDGE ENGINEERING, 1999, 29 (03) :259-291

[8] Cover story management [J].

Cuppens, F ;

Gabillon, A .

DATA & KNOWLEDGE ENGINEERING, 2001, 37 (02) :177-201

[9] Specification and enforcement of classification and inference constraints [J].

Dawson, S ;

di Vimercati, SD ;

Samarati, P .

PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, :181-195

[10]

Dawson S., 1999, Proceedings of the Eighteenth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, P114, DOI 10.1145/303976.303988

← 1 2 →