Abstract
Controlled Query Evaluation (CQE) offers a logical framework to prevent a user of a database from inadvertently gaining knowledge he is not allowed to know. By modeling the user’s a priori knowledge in an appropriate way, a CQE system can control not only plain access to database entries but also inferences made by the user. A dynamic CQE system that enforces inference control at runtime has already been investigated. In this article, we pursue a static approach that constructs an inference-proof database in a preprocessing step. The inference-proof database can respond to any query without enabling the user to infer confidential information. We illustrate the semantics of the system by a comprehensive example and state the essential requirements for an inference-proof and highly available database. We present an algorithm that accomplishes the preprocessing by combining SAT solving and “Branch and Bound”.
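The preprocessing idea from the abstract, as an added example that is not the paper's algorithm or code: a small branch-and-bound search for a database instance that satisfies the a priori knowledge, makes no potential secret true, and lies about as few atoms as possible. Assumptions made here: a priori knowledge is given as clauses of `(atom, value)` literals, each potential secret is a conjunction of literals, availability is measured as the number of changed atoms, and a plain conflict check on partial assignments stands in for the SAT solver; the medical sample data is constructed.

```python
# Constructed sample data (hypothetical, not from the paper).
DB = {"cancer": True, "chemo": True, "flu": False}   # the real complete database
PRIOR = [[("chemo", False), ("cancer", True)]]       # user knows: chemo -> cancer
POT_SEC = [[("cancer", True)]]                       # user must not learn "cancer"

def negate_secret(secret):
    """A secret is a conjunction of literals; its negation is a single clause."""
    return [(atom, not value) for atom, value in secret]

def clause_status(clause, assignment):
    """Return 'sat', 'falsified' or 'open' under a partial assignment."""
    undecided = False
    for atom, value in clause:
        if atom not in assignment:
            undecided = True
        elif assignment[atom] == value:
            return "sat"
    return "open" if undecided else "falsified"

def inference_proof_db(db, prior, pot_sec):
    """Return (db', lies): db' satisfies prior, satisfies no secret, and has
    minimal distance to db. Returns (None, None) if no such instance exists."""
    clauses = list(prior) + [negate_secret(s) for s in pot_sec]
    atoms = sorted(db)
    best = {"lies": len(atoms) + 1, "db": None}

    def search(i, assignment, lies):
        if lies >= best["lies"]:
            return  # bound: cannot beat the best instance found so far
        if any(clause_status(c, assignment) == "falsified" for c in clauses):
            return  # conflict: prior violated or a secret would be implied
        if i == len(atoms):
            best["lies"], best["db"] = lies, dict(assignment)
            return
        atom = atoms[i]
        for value in (db[atom], not db[atom]):  # branch: truthful value first
            assignment[atom] = value
            search(i + 1, assignment, lies + (value != db[atom]))
            del assignment[atom]

    search(0, {}, 0)
    if best["db"] is None:
        return None, None
    return best["db"], best["lies"]

if __name__ == "__main__":
    print(inference_proof_db(DB, PRIOR, POT_SEC))
```

Flipping `cancer` alone is not enough in this sample: the user's rule `chemo -> cancer` forces a second lie about `chemo`, which is the kind of inference the preprocessing has to anticipate.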
Keywords
- Controlled Query Evaluation
- inference control
- lying
- confidentiality of data
- complete database systems
- propositional logic
- SAT solving
- Branch and Bound
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Biskup, J., Wiese, L. (2006). On Finding an Inference-Proof Complete Database for Controlled Query Evaluation. In: Damiani, E., Liu, P. (eds) Data and Applications Security XX. DBSec 2006. Lecture Notes in Computer Science, vol 4127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11805588_3
DOI: https://doi.org/10.1007/11805588_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36796-3
Online ISBN: 978-3-540-36799-4
eBook Packages: Computer Science, Computer Science (R0)
