Abstract
Controlled Query Evaluation (CQE) protects confidential information, stored in an information system. It prevents harmful inferences due to a user’s knowledge and reasoning. In this article we extend CQE to incomplete first-order databases, a data model which suits a broader range of applications than a previously studied propositional incomplete data model. Because of the complexity of the underlying implication problem, which describes the user’s reasoning, the representation of the user’s knowledge is the main obstacle to effective inference control. For knowledge representation, we introduce first-order modal logic to CQE. Especially, we deal with knowledge about a restricted data model in first-order logic. The restricted data model considered gives rise to a new problem: if the user is aware of the data model, his reasoning must be modeled appropriately. In the analysis of this “reasoning” model we consider both confidentiality and availability. Finally we show, how the considered data model can be reduced to the propositional case and analyze confidentiality properties of the resulting implementation.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Biskup, J., Bonatti, P.: Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security 3, 14–27 (2004)
Biskup, J., Bonatti, P.: Lying versus refusal for known potential secrets. Data & Knowledge Engineering 38, 199–222 (2001)
Biskup, J., Bonatti, P.: Controlled query evaluation for known policies by combining lying and refusal. Annals of Mathematics and Artificial Intelligence 40, 37–62 (2004)
Biskup, J., Bonatti, P.: Controlled query evaluation with open queries for a decidable relational submodel. Annals of Mathematics and Artificial Intelligence 50, 39–77 (2007)
Biskup, J., Wiese, L.: Preprocessing for controlled query evaluation with availability policy. Journal of Computer Security 16(4), 477–494 (2008)
Biskup, J., Lochner, J.H.: Enforcing confidentiality in relational databases by reducing inference control to access control. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 407–422. Springer, Heidelberg (2007)
Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Requirements and protocols for inference-proof interactions in information systems. In: Backes, M., Ning, P. (eds.) Computer Security – ESORICS 2009. LNCS, vol. 5789, pp. 285–302. Springer, Heidelberg (2009)
Biskup, J., Seiler, J., Weibert, T.: Controlled query evaluation and inference-free view updates. In: Gudes, E., Vaidya, J. (eds.) Data and Applications Security XXIII. LNCS, vol. 5645, pp. 1–16. Springer, Heidelberg (2009)
Biskup, J., Weibert, T.: Confidentiality policies for controlled query evaluation. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 1–13. Springer, Heidelberg (2007)
Biskup, J., Weibert, T.: Keeping secrets in incomplete databases. International Journal of Information Security 7(3), 199–217 (2008)
Weibert, T.: A Framework for Inference Control in Incomplete Logic Databases. PhD thesis, Technische Universität Dortmund (2008), http://hdl.handle.net/2003/25116
Wolter, F., Zakharyaschev, M.: Decidable fragments of first-order modal logics. The Journal of Symbolic Logic 66(3), 1415–1438 (2001)
Reiter, R.: What should a database know? Logic Programming 14, 127–153 (1992)
Levesque, H.L.: Foundations of a functional approach to knowledge representation. Artificial Intelligence 23, 155–212 (1984)
Halpern, J., Moses, Y.: A guide to the modal logics of knowledge and belief: Preliminary draft. In: Ninth International Joint Conference on Artificial Intelligence, pp. 480–490 (1985)
Fitting, M., Mendelsohn, R.L.: First-Order Modal Logic. Synthese Library, vol. 277. Kluwer Academic Publishers, Dordrecht (1998)
Tadros, C.: Kontrollierte Anfrageauswertung in unvollständigen prädikatenlogischen Datenbanken (in German). Diplomarbeit, Technische Universität Dortmund (2008), http://ls6-www.cs.uni-dortmund.de/uploads/tx_ls6ext/Tadros2008Kontrollierte.pdf
Ramachandran, D., Amir, E.: Compact propositional encodings of first-order theories. In: Proceedings of the Nineteenth International Joint Conference on Artificial Intelligence, IJCAI 2005, pp. 1579–1580 (2005)
Bonatti, P.A., Kraus, S., Subrahmanian, V.S.: Foundations of secure deductive databases. IEEE Transactions on Knowledge and Data Engineering 7, 406–422 (1995)
Yang, X., Li, C.: Secure XML publishing without information leakage in the presence of data inference. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB 2004, pp. 96–107 (2004)
Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: Constraints, inference channels and monitoring disclosures. IEEE Transactions on Knowledge and Data Engineering 12(6), 900–919 (2000)
Gammer, I., Amir, E.: Solving satisfiability in ground logic with equality by efficient conversion to propositional logic. In: Miguel, I., Ruml, W. (eds.) SARA 2007. LNCS (LNAI), vol. 4612, pp. 169–183. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J., Tadros, C., Wiese, L. (2010). Towards Controlled Query Evaluation for Incomplete First-Order Databases. In: Link, S., Prade, H. (eds) Foundations of Information and Knowledge Systems. FoIKS 2010. Lecture Notes in Computer Science, vol 5956. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11829-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-11829-6_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-11828-9
Online ISBN: 978-3-642-11829-6
eBook Packages: Computer ScienceComputer Science (R0)