Inference Control in Logic Databases as a Constraint Satisfaction Problem
We investigate inference control in logic databases. The administrator defines a confidentiality policy, i. e., the pieces of information which may not be disclosed to a certain user. We present a static approach which constructs an alternative database instance in which the confidential information is replaced by harmless information. The construction is performed by the means of constraint programming: The task of finding an appropriate database instance is delegated to a hierarchical constraint solver. We compare this static approach to a dynamic inference control mechanism – Controlled Query Evaluation – investigated in earlier work, and we also point out possible extensions which make use of the various opportunities offered by hierarchical constraint solvers.
KeywordsInference control confidentiality logic databases constraint satisfaction problems constraint hierarchies
Unable to display preview. Download preview PDF.
- 4.Biskup, J., Weibert, T.: Keeping secrets in incomplete databases. Submitted, 2007. In: FCS 2005. Extended abstract presented at the LICS 2005 Affiliated Workshop on Foundations of Computer Security (2005), available from http://www.cs.chalmers.se/~andrei/FCS05/fcs05.pdf
- 6.Apt, K.: Principles of Constraint Programming. Cambridge University Press, Cambridge (2003)Google Scholar
- 7.Frühwirth, T., Abdennadher, S.: Essentials of Constraint Programming. Springer, Heidelberg (2003)Google Scholar
- 10.Moodahi, I., Gudes, E., Lavee, O., Meisels, A.: A secureworkflow model based on distributed constrained role and task assignment for the internet. In: Lopez, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 171–186. Springer, Heidelberg (2004)Google Scholar