论文信息 - For Unknown Secrecies Refusal is Better than Lying

For Unknown Secrecies Refusal is Better than Lying

A shared information system is expected to comply with the following potentially conflicting requirements. It should provide useful answers to arbitrary queries, while on the other hand it should preserve certain secrets according to a security policy. We study and compare two previously suggested approaches to meet these requirements, namely refusal of statements and lying. The investigation is performed using a highly abstract and general framework, both with respect to the information system and the preservation of secrets. The assessment shows that for unknown secrecies refusal is better than lying. In particular, while preserving the same secrets refusal can provide more useful answers.

Joachim Biskup

[1] José Meseguer,et al. Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[2] Reind P. van de Riet,et al. Answering queries without revealing secrets , 1983, TODS.

[3] Dorothy E. Denning,et al. Cryptography and Data Security , 1982 .

[4] Frédéric Cuppens,et al. Information Flow Controls vs Interference Controls: An Integrated Approach , 1994, ESORICS.

[5] Sarit Kraus,et al. Foundations of Secure Deductive Databases , 1995, IEEE Trans. Knowl. Data Eng..

[6] Ellis S. Cohen. Information transmission in computational systems , 1977, SOSP '77.

[7] Ronald Fagin,et al. Reasoning about knowledge , 1995 .

[8] Joseph R. Shoenfield,et al. Mathematical logic , 1967 .