%0 Conference Proceedings
%T Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies
%+ Fakultät für Informatik
%+ Institut für Informatik [Clausthal]
%+ Department of Computer Science [Auckland]
%A Biskup, Joachim
%A Hartmann, Sven
%A Link, Sebastian
%A Lochner, Jan-Hendrik
%A Schlotmann, Torsten
%Z Part 3: Confidentiality and Privacy
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 26th Conference on Data and Applications Security and Privacy (DBSec)
%C Paris, France
%Y Nora Cuppens-Boulahia
%Y Frédéric Cuppens
%Y Joaquin Garcia-Alfaro
%I Springer
%3 Data and Applications Security and Privacy XXVI
%V LNCS-7371
%P 56-73
%8 2012-07-11
%D 2012
%R 10.1007/978-3-642-31540-4_5
%K a priori knowledge
%K confidentiality policy
%K functional dependency
%K inference control
%K inference-usability confinement
%K interaction history
%K join dependency
%K refusal
%K relational database
%K select-project query
%K inference signature
%K SQL
%K template dependency
%Z Computer Science [cs]Conference papers
%X Inference control of queries for relational databases confines the information content and thus the usability of data returned to a client, aiming to keep some pieces of information confidential as specified in a policy, in particular for the sake of privacy. In general, there is a tradeoff between the following factors: on the one hand, the expressiveness offered to administrators to declare a schema, a confidentiality policy and assumptions about a client’s a priori knowledge; on the other hand, the computational complexity of a provably confidentiality preserving enforcement mechanism. We propose and investigate a new balanced solution for a widely applicable situation: we admit relational schemas with functional and join dependencies, which are also treated as a priori knowledge, and select-project sentences for policies and queries; we design an efficient signature-based enforcement mechanism that we implement for an Oracle/SQL-system. At declaration time, the inference signatures are compiled from an analysis of all possible crucial inferences, and at run time they are employed like in the field of intrusion detection.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01534773/document
%2 https://inria.hal.science/hal-01534773/file/978-3-642-31540-4_5_Chapter.pdf
%L hal-01534773
%U https://inria.hal.science/hal-01534773
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-7371