Combining Consistency and Confidentiality Requirements in First-Order Databases

  • Joachim Biskup
  • Lena Wiese
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5735)


In a logical setting, consistency of a database instance with constraints is a fundamental requirement. We show how satisfaction of a set of constraints guarantees confidentiality of some information declared secret by a security policy – albeit at the cost of some modified database entries. We identify a very general class of constraints for which this problem is effectively and in many cases efficiently solvable by means of an automatic procedure. A distance minimization ensures maximal availability of correct database entries.


Search Tree Security Policy Predicate Symbol Cover Story Closed Formula 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Galinovic, A., Antoncic, V.: Polyinstantiation in relational databases with multilevel security. In: Proceedings of 29th International Conference on Information Technology Interfaces, pp. 127–132. IEEE, Los Alamitos (2007)Google Scholar
  2. 2.
    Jukic, N., Nestorov, S., Vrbsky, S.V., Parrish, A.S.: Enhancing database access control by facilitating non-key related cover stories. Journal of Database Management 16(3), 1–20 (2005)CrossRefGoogle Scholar
  3. 3.
    Cuppens, F., Gabillon, A.: Cover story management. Data & Knowledge Engineering 37(2), 177–201 (2001)CrossRefzbMATHGoogle Scholar
  4. 4.
    Sandhu, R.S., Jajodia, S.: Polyinstantation for cover stories. In: Second ESORICS. In: Deswarte, Y., Quisquater, J.-J., Eizenberg, G. (eds.) ESORICS 1992. LNCS, vol. 648, pp. 307–328. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  5. 5.
    Smith, K., Winslett, M.: Entity modeling in the MLS relational model. In: Proceedings of 18th International Conference on Very Large Data Bases, pp. 199–210. Morgan Kaufmann, San Francisco (1992)Google Scholar
  6. 6.
    Stouppa, P., Studer, T.: Data privacy for knowledge bases. In: Artemov, S., Nerode, A. (eds.) LFCS 2009. LNCS, vol. 5407, pp. 409–421. Springer, Heidelberg (2009)Google Scholar
  7. 7.
    Fagin, R., Kolaitis, P.G., Miller, R.J., Popa, L.: Data exchange: semantics and query answering. Theoretical Computer Science 336(1), 89–124 (2005)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Chomicki, J.: Consistent query answering: Five easy pieces. In: Schwentick, T., Suciu, D. (eds.) ICDT 2007. LNCS, vol. 4353, pp. 1–17. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Biskup, J., Wiese, L.: Preprocessing for controlled query evaluation with availability policy. Journal of Computer Security 16(4), 477–494 (2008)CrossRefGoogle Scholar
  10. 10.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. Annals of Mathematics and Artificial Intelligence 50(1-2), 39–77 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Winslett, M.: Updating Logical Databases. Cambridge University Press, Cambridge (1990)CrossRefzbMATHGoogle Scholar
  12. 12.
    Börger, E., Grädel, E., Gurevich, Y.: The Classical Decision Problem. Springer, Heidelberg (2001)zbMATHGoogle Scholar
  13. 13.
    Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)zbMATHGoogle Scholar
  14. 14.
    Van Gelder, A., Topor, R.W.: Safety and translation of relational calculus queries. ACM Transactions on Database Systems 16, 235–278 (1991)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Biskup, J., Burgard, D.M., Weibert, T., Wiese, L.: Inference control in logic databases as a constraint satisfaction problem. In: McDaniel, P., Gupta, S.K. (eds.) ICISS 2007. LNCS, vol. 4812, pp. 128–142. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  16. 16.
    Tadros, C., Wiese, L.: Using SAT solvers to compute inference-proof database instances (submitted, 2009)Google Scholar
  17. 17.
    Chang, C.L., Lee, R.C.T.: Symbolic Logic and Mechanical Theorem Proving. Academic Press, London (1973)zbMATHGoogle Scholar
  18. 18.
    Hull, R., Su, J.: Domain independence and the relational calculus. Acta Informatica 31(6), 513–524 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Fragmentation and encryption to enforce privacy in data storage. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 171–186. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Lena Wiese
    • 1
  1. 1.Technische Universität DortmundDortmundGermany

Personalised recommendations