Inference-Proof View Update Transactions with Minimal Refusals

  • Joachim Biskup
  • Cornelia Tadros
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7122)


Publishing information to clients of an information system may leak confidential information. Even more, update transaction protocols must ensure both integrity and confidentiality of information which results in a conflicting situation rather involved. To avoid confidentiality breaches, previous work allow views with misinformation provided to clients. In order to maintain correctness and reliability of information, we propose query and update protocols that refuse client requests for the sake of confidentiality. Further, this article focuses on availability of information in two ways: confidentiality policy specification can impose less strict confidentiality in favor of availability; the proposed transaction protocol is shown to be as cooperative and to provide as much information as possible among a discussed class of transaction protocols. Regarding the confidentiality policy, in our approach the security administrator can choose between protecting only sensitive information in the current instance or even outdated information of previous instances.


Query Processing Integrity Constraint Query Evaluation Covert Channel Database Instance 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Toland, T.S., Farkas, C., Eastman, C.M.: The inference problem: Maintaining maximal availability in the presence of database updates. Computers & Security 29(1), 88–103 (2010)CrossRefGoogle Scholar
  2. 2.
    Jajodia, S., Meadows, C.: Inference problems in multilevel secure database management systems. In: Abrams, M.D., Jajodia, S., Podell, H.J. (eds.) Information Security: An Integrated Collection of Essays, pp. 570–584. IEEE (1995)Google Scholar
  3. 3.
    Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Requirements and Protocols for Inference-Proof Interactions in Information Systems. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 285–302. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Biskup, J., Tadros, C.: Policy-based secrecy in the Runs & Systems framework and controlled query evaluation. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) Short Paper of IWSEC 2010. IPSJ, pp. 60–77 (2010)Google Scholar
  5. 5.
    Biskup, J.: Usability Confinement of Server Reactions: Maintaining Inference-Proof Client Views by Controlled Interaction Execution. In: Kikuchi, S., Sachdeva, S., Bhalla, S. (eds.) DNIS 2010. LNCS, vol. 5999, pp. 80–106. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Inference-proof view update transactions with forwarded refreshments. Journal of Computer Security 19(3), 487–529 (2011)Google Scholar
  7. 7.
    Bancilhon, F., Spyratos, N.: Update semantics of relational views. ACM Transactions on Database Systems (TODS) 6(4), 557–575 (1981)zbMATHCrossRefGoogle Scholar
  8. 8.
    Gabillon, A.: Multilevel databases. In: Rivero, L.C., Doorn, J.H., Ferraggine, V.E. (eds.) Encyclopedia of Database Technologies and Applications, pp. 386–389. Idea Group (2005)Google Scholar
  9. 9.
    Biskup, J., Wiese, L.: A sound and complete model-generation procedure for consistent and confidentiality-preserving databases. Theoretical Computer Science 412(31), 4044–4072 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Dawson, S., di Vimercati, S.D.C., Lincoln, P., Samarati, P.: Maximizing sharing of protected information. Journal of Computer and System Sciences 64(3), 496–541 (2002)MathSciNetzbMATHCrossRefGoogle Scholar
  11. 11.
    Aggarwal, C.C., Yu, P.S. (eds.): Privacy-Preserving Data Mining - Models and Algorithms. Advances in Database Systems, vol. 34. Springer, Heidelberg (2008)Google Scholar
  12. 12.
    Jajodia, S., Atluri, V., Keefe, T.F., McCollum, C.D., Mukkamala, R.: Multilevel security transaction processing. Journal of Computer Security 9(3), 165–195 (2001)Google Scholar
  13. 13.
    Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley (1995)Google Scholar
  14. 14.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security 3(1), 14–27 (2004)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Mazumdar, S., Stemple, D.W., Sheard, T.: Resolving the tension between integrity and security using a theorem prover. In: Boral, H., Larson, P.Å. (eds.) SIGMOD Conference 1988, pp. 233–242. ACM Press (1988)Google Scholar
  16. 16.
    Cuppens, F., Gabillon, A.: Logical foundations of multilevel databases. Data & Knowledge Engineering 29(3), 259–291 (1999)zbMATHCrossRefGoogle Scholar
  17. 17.
    Biskup, J., Wiese, L.: Preprocessing for controlled query evaluation with availability policy. Journal of Computer Security 16(4), 477–494 (2008)Google Scholar
  18. 18.
    Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Livraga, G., Samarati, P.: Enforcing Confidentiality and Data Visibility Constraints: An OBDD Approach. In: Li, Y. (ed.) DBSec 2011. LNCS, vol. 6818, pp. 44–59. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  19. 19.
    Biskup, J., Lochner, J.-H., Sonntag, S.: Optimization of the Controlled Evaluation of Closed Relational Queries. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 214–225. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Cornelia Tadros
    • 1
  1. 1.Technische Universität DortmundGermany

Personalised recommendations