Secrecy-Preserving Reasoning using Secrecy Envelopes

In many applications of networked information systems, the need to share information often has to be balanced against the need to protect secret information from unintended disclosure, e.g., due to copyright, privacy, security, or commercial considerations. We study the problem of secrecy-preserving reasoning, that is, answering queries using secret information, whenever it is possible to do so, without compromising secret information. In the case of a knowledge base that is queried by a single querying agent, we introduce the notion of a secrecy envelope. This is a superset of the secret part of the knowledge base that needs to be concealed from the querying agent in order to ensure that the secret information is not compromised. We establish several important properties of secrecy envelopes and present an algorithm for computing minimal secrecy envelopes. We extend our analysis of secrecy-preserving reasoning to the setting where different parts of the knowledge base need to be protected from different querying agents that are subject to certain restrictions on the sharing of answers supplied to them by the knowledge base.
