Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

IFIP Annual Conference on Data and Applications Security and Privacy

DBSec 2012: Data and Applications Security and Privacy XXVI pp 56–73Cite as

  1. Home
  2. Data and Applications Security and Privacy XXVI
  3. Conference paper
Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies

Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies

  • Joachim Biskup17,
  • Sven Hartmann18,
  • Sebastian Link19,
  • Jan-Hendrik Lochner17 &
  • …
  • Torsten Schlotmann17 
  • Conference paper
  • 1923 Accesses

  • 2 Citations

Part of the Lecture Notes in Computer Science book series (LNISA,volume 7371)

Abstract

Inference control of queries for relational databases confines the information content and thus the usability of data returned to a client, aiming to keep some pieces of information confidential as specified in a policy, in particular for the sake of privacy. In general, there is a tradeoff between the following factors: on the one hand, the expressiveness offered to administrators to declare a schema, a confidentiality policy and assumptions about a client’s a priori knowledge; on the other hand, the computational complexity of a provably confidentiality preserving enforcement mechanism. We propose and investigate a new balanced solution for a widely applicable situation: we admit relational schemas with functional and join dependencies, which are also treated as a priori knowledge, and select-project sentences for policies and queries; we design an efficient signature-based enforcement mechanism that we implement for an Oracle/SQL-system. At declaration time, the inference signatures are compiled from an analysis of all possible crucial inferences, and at run time they are employed like in the field of intrusion detection.

Keywords

  • a priori knowledge
  • confidentiality policy
  • functional dependency
  • inference control
  • inference-usability confinement
  • interaction history
  • join dependency
  • refusal
  • relational database
  • select-project query
  • inference signature
  • SQL
  • template dependency

This work has been partially supported by the Deutsche Forschungsgemeinschaft under grant BI 311/12-2 and under grant SFB 876/A5 for the Collaborative Research Center “Providing Information by Resource-Constrained Data Analysis”.

Download conference paper PDF

References

  1. Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)

    MATH  Google Scholar 

  2. Biskup, J.: History-Dependent Inference Control of Queries by Dynamic Policy Adaption. In: Li, Y. (ed.) DBSec 2011. LNCS, vol. 6818, pp. 106–121. Springer, Heidelberg (2011)

    CrossRef  Google Scholar 

  3. Biskup, J.: Inference-usability confinement by maintaining inference-proof views of an information system. International Journal of Computational Science and Engineering 7(1), 17–37 (2012)

    CrossRef  Google Scholar 

  4. Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data Knowl. Eng. 38(2), 199–222 (2001)

    CrossRef  MATH  Google Scholar 

  5. Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. Ann. Math. Artif. Intell. 50(1-2), 39–77 (2007)

    CrossRef  MathSciNet  MATH  Google Scholar 

  6. Biskup, J., Embley, D.W., Lochner, J.-H.: Reducing inference control to access control for normalized database schemas. Inf. Process. Lett. 106(1), 8–12 (2008)

    CrossRef  MathSciNet  MATH  Google Scholar 

  7. Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Inference-proof view update transactions with forwarded refreshments. Journal of Computer Security 19, 487–529 (2011)

    CrossRef  Google Scholar 

  8. Biskup, J., Hartmann, S., Link, S., Lochner, J.-H.: Chasing after secrets in relational databases. In: Laender, A.H.F., Lakshmanan, L.V.S. (eds.) Alberto Mendelzon International Workshop on Foundations of Data Management, AMW 2010. CEUR, vol. 619, pp. 13.1–13.12 (2010)

    Google Scholar 

  9. Biskup, J., Lochner, J.-H., Sonntag, S.: Optimization of the Controlled Evaluation of Closed Relational Queries. In: Gritzalis, D., Lopez, J. (eds.) SEC 2009. IFIP AICT, vol. 297, pp. 214–225. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  10. Biskup, J., Tadros, C.: Policy-based secrecy in the Runs & Systems Framework and controlled query evaluation. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) Advances in Information and Computer Security – International Workshop on Security, IWSEC 2010, Short Papers, pp. 60–77. Information Processing Society of Japan (2010)

    Google Scholar 

  11. Biskup, J., Wiese, L.: A sound and complete model-generation procedure for consistent and confidentiality-preserving databases. Theoretical Computer Science 412, 4044–4072 (2011)

    CrossRef  MathSciNet  MATH  Google Scholar 

  12. Fagin, R., Maier, D., Ullman, J.D., Yannakakis, M.: Tools for template dependencies. SIAM J. Comput. 12(1), 36–59 (1983)

    CrossRef  MathSciNet  MATH  Google Scholar 

  13. Halpern, J.Y., O’Neill, K.R.: Secrecy in multiagent systems. ACM Trans. Inf. Syst. Secur. 12(1), 5.1–5.47 (2008)

    Google Scholar 

  14. Kaushik, R., Ramamurthy, R.: Efficient auditing for complex SQL queries. In: Sellis, T.K., Miller, R.J., Kementsietsidis, A., Velegrakis, Y. (eds.) ACM SIGMOD International Conference on Management of Data, SIGMOD 2011, pp. 697–708. ACM (2011)

    Google Scholar 

  15. Ligatti, J., Reddy, S.: A Theory of Runtime Enforcement, with Results. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 87–100. Springer, Heidelberg (2010)

    CrossRef  Google Scholar 

  16. Sadri, F., Ullman, J.D.: Template dependencies: A large class of dependencies in relational databases and its complete axiomatization. J. ACM 29(2), 363–372 (1982)

    CrossRef  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fakultät für Informatik, Technische Universität Dortmund, Germany

    Joachim Biskup, Jan-Hendrik Lochner & Torsten Schlotmann

  2. Institut für Informatik, Technische Universität Clausthal, Germany

    Sven Hartmann

  3. Department of Computer Science, The University of Auckland, New Zealand

    Sebastian Link

Authors
  1. Joachim Biskup
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sven Hartmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sebastian Link
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jan-Hendrik Lochner
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Torsten Schlotmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Télécom Bretagne, Campus de Rennes 2, rue de la Châtaigneraie, 35512, Cesson Sévigné Cedex, France

    Nora Cuppens-Boulahia, Frédéric Cuppens & Joaquin Garcia-Alfaro,  & 

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Biskup, J., Hartmann, S., Link, S., Lochner, JH., Schlotmann, T. (2012). Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds) Data and Applications Security and Privacy XXVI. DBSec 2012. Lecture Notes in Computer Science, vol 7371. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31540-4_5

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-31540-4_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31539-8

  • Online ISBN: 978-3-642-31540-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature