Combining Consistency and Confidentiality Requirements in First-Order Databases

  • Joachim Biskup
  • Lena Wiese
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5735)


In a logical setting, consistency of a database instance with constraints is a fundamental requirement. We show how satisfaction of a set of constraints guarantees confidentiality of some information declared secret by a security policy – albeit at the cost of some modified database entries. We identify a very general class of constraints for which this problem is effectively and in many cases efficiently solvable by means of an automatic procedure. A distance minimization ensures maximal availability of correct database entries.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Galinovic, A., Antoncic, V.: Polyinstantiation in relational databases with multilevel security. In: Proceedings of 29th International Conference on Information Technology Interfaces, pp. 127–132. IEEE, Los Alamitos (2007)Google Scholar
  2. 2.
    Jukic, N., Nestorov, S., Vrbsky, S.V., Parrish, A.S.: Enhancing database access control by facilitating non-key related cover stories. Journal of Database Management 16(3), 1–20 (2005)CrossRefGoogle Scholar
  3. 3.
    Cuppens, F., Gabillon, A.: Cover story management. Data & Knowledge Engineering 37(2), 177–201 (2001)CrossRefMATHGoogle Scholar
  4. 4.
    Sandhu, R.S., Jajodia, S.: Polyinstantation for cover stories. In: Second ESORICS. In: Deswarte, Y., Quisquater, J.-J., Eizenberg, G. (eds.) ESORICS 1992. LNCS, vol. 648, pp. 307–328. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  5. 5.
    Smith, K., Winslett, M.: Entity modeling in the MLS relational model. In: Proceedings of 18th International Conference on Very Large Data Bases, pp. 199–210. Morgan Kaufmann, San Francisco (1992)Google Scholar
  6. 6.
    Stouppa, P., Studer, T.: Data privacy for knowledge bases. In: Artemov, S., Nerode, A. (eds.) LFCS 2009. LNCS, vol. 5407, pp. 409–421. Springer, Heidelberg (2009)Google Scholar
  7. 7.
    Fagin, R., Kolaitis, P.G., Miller, R.J., Popa, L.: Data exchange: semantics and query answering. Theoretical Computer Science 336(1), 89–124 (2005)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Chomicki, J.: Consistent query answering: Five easy pieces. In: Schwentick, T., Suciu, D. (eds.) ICDT 2007. LNCS, vol. 4353, pp. 1–17. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Biskup, J., Wiese, L.: Preprocessing for controlled query evaluation with availability policy. Journal of Computer Security 16(4), 477–494 (2008)CrossRefGoogle Scholar
  10. 10.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. Annals of Mathematics and Artificial Intelligence 50(1-2), 39–77 (2007)MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Winslett, M.: Updating Logical Databases. Cambridge University Press, Cambridge (1990)CrossRefMATHGoogle Scholar
  12. 12.
    Börger, E., Grädel, E., Gurevich, Y.: The Classical Decision Problem. Springer, Heidelberg (2001)MATHGoogle Scholar
  13. 13.
    Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)MATHGoogle Scholar
  14. 14.
    Van Gelder, A., Topor, R.W.: Safety and translation of relational calculus queries. ACM Transactions on Database Systems 16, 235–278 (1991)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Biskup, J., Burgard, D.M., Weibert, T., Wiese, L.: Inference control in logic databases as a constraint satisfaction problem. In: McDaniel, P., Gupta, S.K. (eds.) ICISS 2007. LNCS, vol. 4812, pp. 128–142. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Tadros, C., Wiese, L.: Using SAT solvers to compute inference-proof database instances (submitted, 2009)Google Scholar
  17. 17.
    Chang, C.L., Lee, R.C.T.: Symbolic Logic and Mechanical Theorem Proving. Academic Press, London (1973)MATHGoogle Scholar
  18. 18.
    Hull, R., Su, J.: Domain independence and the relational calculus. Acta Informatica 31(6), 513–524 (1994)MathSciNetCrossRefMATHGoogle Scholar
  19. 19.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation and encryption to enforce privacy in data storage. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 171–186. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Lena Wiese
    • 1
  1. 1.Technische Universität DortmundDortmundGermany

Personalised recommendations