Inference Control in Distributed Environment: A Comparison Study

Traditional access control models aim to prevent data leakage via direct accesses. A direct access occurs when a requester performs his query directly into the desired object, however these models fail to protect sensitive data from being accessed with inference channels. An inference channel is produced by the combination of a legitimate response which the user receives from the system and metadata. Detecting and removing inference in database systems guarantee a high quality design in terms of data secrecy and privacy. Parting from the fact that data distribution exacerbates inference problem, we give in this paper a survey of the current and emerging research on the inference problem in both centralized and distributed database systems and highlighting research directions in this field.

[1]  Srdjan Marinovic,et al.  Securing Databases from Probabilistic Inference , 2017, 2017 IEEE 30th Computer Security Foundations Symposium (CSF).

[2]  Robert H. Deng,et al.  New Paradigm of Inference Control with Trusted Computing , 2007, DBSec.

[3]  Ira S. Moskowitz,et al.  A Study of Inference Problems in Distributed Databases , 2002, DBSec.

[4]  Gary B. Wills,et al.  Exposing data leakage in Data Integration Systems , 2014, The 9th International Conference for Internet Technology and Secured Transactions (ICITST-2014).

[5]  Matthias Klusch,et al.  Inference Attacks in Peer-to-Peer Homogeneous Distributed Data Mining , 2004, ECAI.

[6]  Sushil Jajodia,et al.  Fragmentation in Presence of Data Dependencies , 2014, IEEE Transactions on Dependable and Secure Computing.

[7]  Ira S. Moskowitz,et al.  An Agent-Based Approach to Inference Prevention in Distributed Database Systems , 2003, Int. J. Artif. Intell. Tools.

[8]  Panagiotis Katsaros,et al.  A Framework for Access Control with Inference Constraints , 2011, 2011 IEEE 35th Annual Computer Software and Applications Conference.

[9]  Csilla Farkas,et al.  The inference problem: Maintaining maximal availability in the presence of database updates , 2010, Comput. Secur..

[10]  Chris Clifton,et al.  Privacy-preserving data integration and sharing , 2004, DMKD '04.

[11]  Randall P. Wolf,et al.  Protecting databases from inference attacks , 1997, Comput. Secur..

[12]  Matthew Morgenstern,et al.  Controlling logical inference in multilevel database systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[13]  Joachim Biskup,et al.  Reducing inference control to access control for normalized database schemas , 2008, Inf. Process. Lett..

[14]  Bhavani M. Thuraisingham,et al.  The Use of Conceptual Structures for Handling the Inference Problem , 1991, DBSec.

[15]  Bhavani M. Thuraisingham,et al.  Design and Implementation of a Database Inference Controller , 1993, Data Knowl. Eng..

[16]  Bhavani M. Thuraisingham,et al.  Security checking in relational database management systems augmented with inference engines , 1987, Comput. Secur..

[17]  Emmanuel Coquery,et al.  Access control to materialized views: an inference-based approach , 2011, PhD '11.

[18]  Josep Domingo-Ferrer Advances in Inference Control in Statistical Databases: An Overview , 2002, Inference Control in Statistical Databases.

[19]  Sushil Jajodia,et al.  Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures , 2000, IEEE Trans. Knowl. Data Eng..

[20]  Mohand-Said Hacid,et al.  Access Control for Data Integration in Presence of Data Dependencies , 2014, DASFAA.

[21]  Karl N. Levitt,et al.  Data level inference detection in database systems , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[22]  Jessica Staddon,et al.  Dynamic inference control , 2003, DMKD '03.

[23]  Harry S. Delugach,et al.  Aerie: An Inference Modeling and Detection Approach for Databases , 1993, DBSec.

[24]  Emmanuel Coquery,et al.  Inference Leakage Detection for Authorization Policies over RDF Data , 2015, DBSec.

[25]  Mohand-Said Hacid,et al.  Secure Data Integration: A Formal Concept Analysis Based Approach , 2014, DEXA.

[26]  Jie Yang,et al.  Resist the Database Intrusion Caused by Functional Dependency , 2017, 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).

[27]  Wesley W. Chu,et al.  Database Security Protection Via Inference Detection , 2006, ISI.

[28]  Joachim Biskup,et al.  On the Inference-Proofness of Database Fragmentation Satisfying Confidentiality Constraints , 2011, ISC.

[29]  Glenn Shafer Detecting Inference Attacks Using Association Rules , 2001 .

[30]  Sven Hartmann,et al.  Efficient Inference Control for Open Relational Queries , 2010, DBSec.

[31]  Sujeet Shenoi,et al.  A Tool for Inference Detection and Knowledge Discovery in Databases , 1995, DBSec.

[32]  Gultekin Özsoyoglu,et al.  Controlling FD and MVD Inferences in Multilevel Relational Database Systems , 1991, IEEE Trans. Knowl. Data Eng..

[33]  Peter D. Karp,et al.  Detection and elimination of inference channels in multilevel relational database systems , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[34]  Sushil Jajodia,et al.  The inference problem: a survey , 2002, SKDD.

[35]  Harry S. Delugach,et al.  Wizard: A Database Inference Analysis and Detection System , 1996, IEEE Trans. Knowl. Data Eng..

[36]  Gary B. Wills,et al.  Formal Modelling of Data Integration Systems Security Policies , 2016, Data Science and Engineering.

[37]  Mohand-Said Hacid,et al.  Effectively and efficiently selecting access control rules on materialized views over relational databases , 2010, IDEAS '10.

[38]  Sujeet Shenoi,et al.  Catalytic inference analysis: detecting inference threats due to knowledge discovery , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[39]  Mohand-Said Hacid,et al.  Data Integration in Presence of Authorization Policies , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[40]  Nick Cercone,et al.  Dynamic inference control in privacy preference enforcement , 2006, PST.

[41]  Mohand-Said Hacid,et al.  Inference Control in Data Integration Systems , 2015, OTM Conferences.

[42]  Yu Chen,et al.  Protection of Database Security via Collaborative Inference Detection , 2008, IEEE Transactions on Knowledge and Data Engineering.

[43]  Thomas H. Hinke,et al.  Inference aggregation detection in database management systems , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[44]  Emmanuel Coquery,et al.  Authorization Policies for Materialized Views , 2012, SEC.

[45]  Nick Cercone,et al.  Auditing and Inference Control for Privacy Preservation in Uncertain Environments , 2006, EuroSSC.

[46]  Wendy Hui Wang,et al.  Privacy-preserving publishing microdata with full functional dependencies , 2011, Data Knowl. Eng..

[47]  Xiaofeng Xu,et al.  Database Fragmentation with Confidentiality Constraints: A Graph Search Approach , 2015, CODASPY.