Efficient Inference Control for Open Relational Queries

Abstract : We present a control mechanism for preserving confidentiality in relational databases under open queries. This mechanism is based on a reduction of costly inference control to efficient access control that has recently been developed for closed database queries. Our approach guarantees that secrets being declared in form of a confidentiality policy are not disclosed to database users even if they utilize their a priori knowledge to draw inferences. It turns out that there is no straightforward transition from the approach for closed queries to open queries. We show, however, that hiding the confidentiality policy from database users is sufficient to preserve confidentiality. Moreover, we propose an algorithmic implementation of the control mechanism.
Type de document :
Communication dans un congrès
Sara Foresti; Sushil Jajodia. 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC), Jun 2010, Rome, Italy. Springer, Lecture Notes in Computer Science, LNCS-6166, pp.162-176, 2010, Data and Applications Security and Privacy XXIV. 〈10.1007/978-3-642-13739-6_11〉
Liste complète des métadonnées

Littérature citée [27 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01056690
Contributeur : Hal Ifip <>
Soumis le : mercredi 20 août 2014 - 13:23:42
Dernière modification le : vendredi 11 août 2017 - 17:32:58
Document(s) archivé(s) le : jeudi 27 novembre 2014 - 11:48:48

Fichier

_20.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Joachim Biskup, Sven Hartmann, Sebastian Link, Jan-Hendrik Lochner. Efficient Inference Control for Open Relational Queries. Sara Foresti; Sushil Jajodia. 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC), Jun 2010, Rome, Italy. Springer, Lecture Notes in Computer Science, LNCS-6166, pp.162-176, 2010, Data and Applications Security and Privacy XXIV. 〈10.1007/978-3-642-13739-6_11〉. 〈hal-01056690〉

Partager

Métriques

Consultations de la notice

62

Téléchargements de fichiers

79