Constructing Inference-Proof Belief Mediators

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9149)

Abstract

An information owner might interact with cooperation partners regarding its belief, which is derived from a collection of heterogeneous data sources and can be changed according to perceptions of the partners’ actions. While interacting, the information owner willingly shares some information with a cooperation partner but also might want to keep selected pieces of information confidential. This requirement should be satisfied even if the partner, as an intelligent and only semi-honest attacker, attempts to infer hidden information from accessible data, also employing background knowledge. For this problem of inference control, we outline and discuss a solution by means of a sophisticated mediator agent. Based on forming an integrated belief from the underlying data sources, the design adapts and combines known approaches to language-based information flow control and controlled interaction execution for logic-based information systems.

Keywords

Attacker simulation; Security policy; Controlled interaction execution; Declassification; Inference control; Information flow control; Integrated belief; Mediation; Multiagent system; Reasoning

Copyright information

© IFIP International Federation for Information Processing 2015

Authors and Affiliations

  1. Fakultät für Informatik, Technische Universität Dortmund, Dortmund, Germany
