Inference Control in Data Integration Systems

Specifying a global policy in a data integration system in a traditional way would not necessarily offer a sound and efficient solution to deal with the inference problem [8]. This is mainly due to the fact that data dependencies between distributed data sets are not taken into account when local policies attached to local sources are defined. In this paper, by using formal concept analysis, we propose a methodology, together with a set of algorithms that can help to detect security breaches by reasoning about semantic constraints. Given a set of local policies, an initial global policy and data dependencies, we propose an approach that allows the security administrator to derive a set of queries so that when their results are combined they could lead to security breaches. We detect the set of additional rules which will be used to extend the policy of the mediator in order to block security breaches. We also discuss a set of experiments we conducted.

[1]  Gultekin Özsoyoglu,et al.  Data Dependencies and Inference Control in Multilevel Relational Database Systems , 1987, 1987 IEEE Symposium on Security and Privacy.

[2]  Arnon Rosenthal,et al.  View security as the basis for data warehouse security , 2000, DMDW.

[3]  Dorothy E. Denning,et al.  Inference Controls for Statistical Databases , 1983, Computer.

[4]  Bernhard Ganter,et al.  Formal Concept Analysis: Mathematical Foundations , 1998 .

[5]  Patrick Valduriez,et al.  Principles of Distributed Database Systems, Third Edition , 2011 .

[6]  Cherukuri Aswani Kumar,et al.  Designing role-based access control using formal concept analysis , 2013, Secur. Commun. Networks.

[7]  Mohand-Said Hacid,et al.  Data Integration in Presence of Authorization Policies , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[8]  Mohand-Said Hacid,et al.  Access Control for Data Integration in Presence of Data Dependencies , 2014, DASFAA.

[9]  S. Sudarshan,et al.  Extending query rewriting techniques for fine-grained access control , 2004, SIGMOD '04.

[10]  Sushil Jajodia,et al.  Assessing query privileges via safe and efficient permission composition , 2008, CCS.

[11]  Arnon Rosenthal,et al.  Administering Permissions for Distributed Data: Factoring and Automated Inference , 2001, DBSec.

[12]  Bartosz Zieliński,et al.  Modelling role hierarchy structure using the Formal Concept Analysis , 2010, Ann. UMCS Informatica.

[13]  Sushil Jajodia,et al.  The inference problem: a survey , 2002, SKDD.

[14]  Jan Schlörer,et al.  Security of statistical databases: multidimensional transformation , 1980, TODS.

[15]  Mohand-Said Hacid,et al.  Effectively and efficiently selecting access control rules on materialized views over relational databases , 2010, IDEAS '10.

[16]  Mohand-Said Hacid,et al.  Secure Data Integration: A Formal Concept Analysis Based Approach , 2014, DEXA.

[17]  C. Chandrasekar,et al.  Modeling Chinese wall access control using formal concept analysis , 2014, 2014 International Conference on Contemporary Computing and Informatics (IC3I).

[18]  José Meseguer,et al.  Unwinding and Inference Control , 1984, 1984 IEEE Symposium on Security and Privacy.

[19]  I. P. Fellegi,et al.  Statistical Confidentiality: Some Theory and Application to Data Dissemination , 1974 .

[20]  Patrick Valduriez,et al.  Principles of Distributed Database Systems , 1990 .