Combining Consistency and Confidentiality Requirements in First-Order Databases

In a logical setting, consistency of a database instance with constraints is a fundamental requirement. We show how satisfaction of a set of constraints guarantees confidentiality of some information declared secret by a security policy --- albeit at the cost of some modified database entries. We identify a very general class of constraints for which this problem is effectively and in many cases efficiently solvable by means of an automatic procedure. A distance minimization ensures maximal availability of correct database entries.

[1]  Sushil Jajodia,et al.  Polyinstantation for Cover Stories , 1992, ESORICS.

[2]  Allen S. Parrish,et al.  Enhancing Database Access Control by Facilitating Non-Key Related Cover Stories , 2005, J. Database Manag..

[3]  Joachim Biskup,et al.  Computer Security - ESORICS 2007, 12th European Symposium On Research In Computer Security, Dresden, Germany, September 24-26, 2007, Proceedings , 2007, ESORICS.

[4]  Joachim Biskup,et al.  Preprocessing for controlled query evaluation with availability policy , 2008, J. Comput. Secur..

[5]  Jean-Jacques Quisquater,et al.  Computer Security — ESORICS 92 , 1992, Lecture Notes in Computer Science.

[6]  Sushil Jajodia,et al.  Fragmentation and Encryption to Enforce Privacy in Data Storage , 2007, ESORICS.

[7]  A. Galinovic,et al.  Polyinstantiation in Relational Databases with Multilevel Security , 2007, 2007 29th International Conference on Information Technology Interfaces.

[8]  Joachim Biskup,et al.  Controlled query evaluation with open queries for a decidable relational submodel , 2007, Annals of Mathematics and Artificial Intelligence.

[9]  Ronald Fagin,et al.  Data exchange: semantics and query answering , 2005, Theor. Comput. Sci..

[10]  Helmut Seidl,et al.  Exact XML Type Checking in Polynomial Time , 2007, ICDT.

[11]  Rodney W. Topor,et al.  Safety and translation of relational calculus , 1991, TODS.

[12]  Marianne Winslett,et al.  Updating logical databases , 1990, Cambridge tracts in theoretical computer science.

[13]  Richard C. T. Lee,et al.  Symbolic logic and mechanical theorem proving , 1973, Computer science classics.

[14]  Jan Chomicki,et al.  Consistent Query Answering: Five Easy Pieces , 2007, ICDT.

[15]  Joachim Biskup,et al.  Inference Control in Logic Databases as a Constraint Satisfaction Problem , 2007, ICISS.

[16]  Lena Wiese,et al.  Using SAT-Solvers to Compute Inference-Proof Database Instances , 2009, DPM/SETOP.

[17]  Phiniki Stouppa,et al.  Data Privacy for Knowledge Bases , 2009, LFCS.

[18]  Frédéric Cuppens,et al.  Cover story management , 2001, Data Knowl. Eng..

[19]  Jianwen Su,et al.  Domain independence and the relational calculus , 1994, Acta Informatica.

[20]  Serge Abiteboul,et al.  Foundations of Databases , 1994 .

[21]  Yuri Gurevich,et al.  The Classical Decision Problem , 1997, Perspectives in Mathematical Logic.

[22]  Marianne Winslett,et al.  Entity Modeling in the MLS Relational Model , 1992, VLDB.