Towards Controlled Query Evaluation for Incomplete First-Order Databases

  • Joachim Biskup
  • Cornelia Tadros
  • Lena Wiese
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5956)

Abstract

Controlled Query Evaluation (CQE) protects confidential information, stored in an information system. It prevents harmful inferences due to a user’s knowledge and reasoning. In this article we extend CQE to incomplete first-order databases, a data model which suits a broader range of applications than a previously studied propositional incomplete data model. Because of the complexity of the underlying implication problem, which describes the user’s reasoning, the representation of the user’s knowledge is the main obstacle to effective inference control. For knowledge representation, we introduce first-order modal logic to CQE. Especially, we deal with knowledge about a restricted data model in first-order logic. The restricted data model considered gives rise to a new problem: if the user is aware of the data model, his reasoning must be modeled appropriately. In the analysis of this “reasoning” model we consider both confidentiality and availability. Finally we show, how the considered data model can be reduced to the propositional case and analyze confidentiality properties of the resulting implementation.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Biskup, J., Bonatti, P.: Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security 3, 14–27 (2004)CrossRefGoogle Scholar
  2. 2.
    Biskup, J., Bonatti, P.: Lying versus refusal for known potential secrets. Data & Knowledge Engineering 38, 199–222 (2001)CrossRefMATHGoogle Scholar
  3. 3.
    Biskup, J., Bonatti, P.: Controlled query evaluation for known policies by combining lying and refusal. Annals of Mathematics and Artificial Intelligence 40, 37–62 (2004)CrossRefMATHMathSciNetGoogle Scholar
  4. 4.
    Biskup, J., Bonatti, P.: Controlled query evaluation with open queries for a decidable relational submodel. Annals of Mathematics and Artificial Intelligence 50, 39–77 (2007)CrossRefMATHMathSciNetGoogle Scholar
  5. 5.
    Biskup, J., Wiese, L.: Preprocessing for controlled query evaluation with availability policy. Journal of Computer Security 16(4), 477–494 (2008)Google Scholar
  6. 6.
    Biskup, J., Lochner, J.H.: Enforcing confidentiality in relational databases by reducing inference control to access control. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 407–422. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Requirements and protocols for inference-proof interactions in information systems. In: Backes, M., Ning, P. (eds.) Computer Security – ESORICS 2009. LNCS, vol. 5789, pp. 285–302. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Biskup, J., Seiler, J., Weibert, T.: Controlled query evaluation and inference-free view updates. In: Gudes, E., Vaidya, J. (eds.) Data and Applications Security XXIII. LNCS, vol. 5645, pp. 1–16. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  9. 9.
    Biskup, J., Weibert, T.: Confidentiality policies for controlled query evaluation. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 1–13. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Biskup, J., Weibert, T.: Keeping secrets in incomplete databases. International Journal of Information Security 7(3), 199–217 (2008)CrossRefGoogle Scholar
  11. 11.
    Weibert, T.: A Framework for Inference Control in Incomplete Logic Databases. PhD thesis, Technische Universität Dortmund (2008), http://hdl.handle.net/2003/25116
  12. 12.
    Wolter, F., Zakharyaschev, M.: Decidable fragments of first-order modal logics. The Journal of Symbolic Logic 66(3), 1415–1438 (2001)CrossRefMATHMathSciNetGoogle Scholar
  13. 13.
    Reiter, R.: What should a database know? Logic Programming 14, 127–153 (1992)CrossRefMATHMathSciNetGoogle Scholar
  14. 14.
    Levesque, H.L.: Foundations of a functional approach to knowledge representation. Artificial Intelligence 23, 155–212 (1984)CrossRefMATHGoogle Scholar
  15. 15.
    Halpern, J., Moses, Y.: A guide to the modal logics of knowledge and belief: Preliminary draft. In: Ninth International Joint Conference on Artificial Intelligence, pp. 480–490 (1985)Google Scholar
  16. 16.
    Fitting, M., Mendelsohn, R.L.: First-Order Modal Logic. Synthese Library, vol. 277. Kluwer Academic Publishers, Dordrecht (1998)CrossRefMATHGoogle Scholar
  17. 17.
    Tadros, C.: Kontrollierte Anfrageauswertung in unvollständigen prädikatenlogischen Datenbanken (in German). Diplomarbeit, Technische Universität Dortmund (2008), http://ls6-www.cs.uni-dortmund.de/uploads/tx_ls6ext/Tadros2008Kontrollierte.pdf
  18. 18.
    Ramachandran, D., Amir, E.: Compact propositional encodings of first-order theories. In: Proceedings of the Nineteenth International Joint Conference on Artificial Intelligence, IJCAI 2005, pp. 1579–1580 (2005)Google Scholar
  19. 19.
    Bonatti, P.A., Kraus, S., Subrahmanian, V.S.: Foundations of secure deductive databases. IEEE Transactions on Knowledge and Data Engineering 7, 406–422 (1995)CrossRefGoogle Scholar
  20. 20.
    Yang, X., Li, C.: Secure XML publishing without information leakage in the presence of data inference. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB 2004, pp. 96–107 (2004)Google Scholar
  21. 21.
    Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: Constraints, inference channels and monitoring disclosures. IEEE Transactions on Knowledge and Data Engineering 12(6), 900–919 (2000)CrossRefGoogle Scholar
  22. 22.
    Gammer, I., Amir, E.: Solving satisfiability in ground logic with equality by efficient conversion to propositional logic. In: Miguel, I., Ruml, W. (eds.) SARA 2007. LNCS (LNAI), vol. 4612, pp. 169–183. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Cornelia Tadros
    • 1
  • Lena Wiese
    • 1
  1. 1.Technische Universität DortmundGermany

Personalised recommendations