Abstract
Elaborate security policies often require organizations to restrict user data access in a fine-grained manner, instead of traditional table- or column-level access control. Not surprisingly, managing fine-grained access control in software is rather challenging. In particular, if access is not configured carefully, information leakage may happen: Users may infer sensitive information through the data explicitly accessible to them in centralized systems or in the cloud.
In this paper we formalize this information-leakage problem, by modeling sensitive information as answers to “secret queries,” and by modeling access-control rules as views. We focus on the scenario where sensitive information can be deterministically derived by adversaries. We review a natural data-exchange based inference model for detecting information leakage, and show its capabilities and limitation. We then introduce and formally study a new inference model, view-verified data exchange, that overcomes the limitation for the query language under consideration.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The intuition is that tuple patterns occuring over S constrain tuple patterns over T.
- 2.
Weakly acyclic dependencies [6] are types of tuple- and equality-generating integrity constraints that commonly occur in practice and have nice formal properties.
- 3.
A ground data set is a data set without null values.
References
Abiteboul, S., Duschka, O.: Complexity of answering queries using materialized views. In: PODS, pp. 254–263 (1998)
Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)
Agrawal, R., Bayardo Jr., R.J., Faloutsos, C., Kiernan, J., Rantzau, R., Srikant, R.: Auditing compliance with a hippocratic database. In: VLDB, pp. 516–527 (2004)
Al-Shaer, E., Hamed, H., Boutaba, R., Hasan, M.: Conflict classification and analysis of distributed firewall policies. IEEE JSAC 23(10), 2069–2084 (2005)
Ammann, P., Sandhu, R.S.: Safety analysis for the extended schematic protection model. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 87–97 (1991)
Barcelo, P.: Logical foundations of relational data exchange. SIGMOD Rec. 38(1), 49–58 (2009)
Bertino, E., Ghinita, G., Kamra, A.: Access control for databases: concepts and systems. Found. Trends Databases 3(1–2), 1–148 (2011)
Biskup, J., Bonatti, P.A.: Controlled query evaluation for known policies by combining lying and refusal. Ann. Math. Artif. Intell. 40(1–2), 37–62 (2004)
Bond, R., See, K.Y.-K., Wong, C.K.M., Chan, Y.-K.H.: Understanding DB2 9 Security. IBM Press, Indianapolis (2006)
Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: constraints, inference channels, and monitoring disclosures. IEEE TKDE 12(6), 900–919 (2000)
Chandra, A., Merlin, P.: Optimal implementation of conjunctive queries in relational data bases. In: STOC, pp. 77–90 (1977)
Chen, B.-C., Kifer, D., LeFevre, K., Machanavajjhala, A.: Privacy-preserving data publishing. Found. Trends Databases 2(1–2), 1–167 (2009)
Chirkova, R., Yu, T.: Detecting information leakage in database access control with help from data exchange. Technical report (which is not a publication) TR-2013-1, NCSU (2013). http://www.csc.ncsu.edu/research/tech/reports.php
Deutsch, A.: XML query reformulation over mixed and redundant storage. Ph.D. thesis, Univ. Pennsylvania (2002)
Deutsch, A., Nash, A., Remmel, J.: The chase revisited. In: PODS, pp. 149–158 (2008)
Deutsch, A., Tannen, V.: Optimization properties for classes of conjunctive regular path queries. In: Ghelli, G., Grahne, G. (eds.) DBPL 2001. LNCS, vol. 2397, pp. 21–39. Springer, Heidelberg (2002)
Domingo-Ferrer, J. (ed.): Inference Control in Statistical Databases. LNCS, vol. 2316. Springer, Heidelberg (2002)
Fagin, R., Kolaitis, P., Miller, R., Popa, L.: Data exchange: semantics and query answering. Theor. Comput. Sci. 336(1), 89–124 (2005)
Fuxman, A., Kolaitis, P.G., Miller, R.J., Tan, W.-C.: Peer data exchange. ACM TODS 31(4), 1454–1498 (2006)
Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Comm. ACM 19, 461–471 (1976)
Kabra, G., Ramamurthy, R., Sudarshan, S.: Redundancy and information leakage in finite-grained access control. In: ACM SIGMOD Conference, pp. 133–144 (2006)
Li, N., Winsborough, W.H., Mitchell, J.C.: Beyond proof-of-compliance: safety and availability analysis in trust management. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 123–139 (2003)
Miklau, G., Suciu, D.: A formal analysis of information disclosure in data exchange. JCSS 73(3), 507–534 (2007)
Motwani, R., Nabar, S., Thomas, D.: Auditing SQL queries. In: ICDE 2008 (2008)
The Virtual Private Database in Oracle9iR2. An Oracle White Paper (2002)
Stoffel, K., Studer, T.: Provable data privacy. In: Andersen, K.V., Debenham, J., Wagner, R. (eds.) DEXA 2005. LNCS, vol. 3588, pp. 324–332. Springer, Heidelberg (2005)
Zhang, X., Ozsoyoglu, M.: Implication and referential constraints: a new formal reasoning. IEEE TKDE 9(6), 894–910 (1997)
Zhang, Z., Mendelzon, A.O.: Authorization views and conditional query containment. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 259–273. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Alborzi, F., Chirkova, R., Yu, T. (2015). Exact Detection of Information Leakage in Database Access Control. In: Madria, S., Hara, T. (eds) Big Data Analytics and Knowledge Discovery. DaWaK 2015. Lecture Notes in Computer Science(), vol 9263. Springer, Cham. https://doi.org/10.1007/978-3-319-22729-0_31
Download citation
DOI: https://doi.org/10.1007/978-3-319-22729-0_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22728-3
Online ISBN: 978-3-319-22729-0
eBook Packages: Computer ScienceComputer Science (R0)