Abstract
We show how deductive databases may be protected against unauthorized retrieval and update requests issued by authenticated users. To achieve this protection, a deductive database is expressed in an equivalent form that is guaranteed to permit only authorized actions. When a user poses a query Q on the protected form of a database, the user sees the subset of the answers for Q that they are permitted to know are true in the database; when a user’s update request is received, a minimal set of authorized changes the user is permitted to make to the database is performed. The authorized retrieval and update requests are specified using a security theory that is expressed in normal clause logic. The approach has a number of attractive technical results associated with it, and can be used to protect the information in any deductive database that is expressed in normal clause logic.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Abiteboul, S., Hull, R., and Vianu, V., Foundations of Databases, Addison-Wesley, 1995.
Apt, K., and Bezem, M., Acyclic Programs, New Generation Computing, 1990.
Barker, S., Security Policy Specification in Logic, ICAI’2000, 2000.
Barker, S., Data Protection by Logic Programming, 1st International Conference on Computational Logic, LNAI 1861, Springer, 2000.
Barker, S., TRBACN: A Temporal Authorization Model, To Appear.
Bonatti, P., Kraus, S., and Subrahmanian, V., Foundations of Secure Deductive Databases, IEEE Transactions on Knowledge and Data Engineering,7, 3, 1995.
Brass, S., SLDMagic-The Real Magic (With Applications to Web Queries), 1st International Conference on Computational Logic, LNAI 1861, Springer, 2000.
Castano, S., Fugini, M., Martella, G., and Samarati, P., Database Security, Addison-Wesley, 1995.
Chen, W., and Warren, D., Tabled Evaluation with Delaying for General Logic Programs, J. ACM, 43(1), 1996.
Clark, K., Negation as Failure, in H Gallaire and J. Minker(Eds), Logic and Databases, Plenum, NY, 1978.
Cuppens, F., and Demolombe, R., A Modal Logical Framework for Security Policies, ISMIS’97, 1997.
Decker, H., and Celma, M., A Slick Procedure for Integrity Checking in Deductive Databases, ICLP, 1994.
Ferraiolo, D., Cugini, J., and Kuhn, R., Role-Based Access Control (RBAC): Features and Motivations, Proc. of the Annual Computer Security Applications Conf., IEEE Computer Science Press, 1995.
Jajodia, S., Samarati, P., and Subrahmanian, V., A Logical Language for Expressing Authorizations, Proc. IEEE Symp. on Security and Privacy, 1997.
Jamil, H., Belief Reasoning in MLS Deductive Databases, ACM SIGMOD’99, 1999.
LLoyd, J., Foundations of Logic Programming, Springer, 1987.
Minker, J., Logic and Databases: A 20 Year Retrospective, 1st International Workshop on Logic in Databases, LNCS 1154, Springer, 1996.
Przymusinski, T., Perfect Model Semantics, Proc. 5th ICLP, 1988.
Sandhu, R., Coyne, E., Feinstein, H., and Youman, C., Role-Based Access Control Models, IEEE Computer, 1996.
Sagonas, K., Swift, T., Warren, D., Freire, J., Rao, P., The XSB System, Version 2.0, Programmer’s Manual, 1999.
VanGelder, A., Ross, K., and Schlipf, J., The Well-Founded Semantics for General Logic Programs, J. ACM, 38(3), 1991.
Vardi, M., The Complexity of Query Languages, ACM Symp. on the Theory of Computing, May, 1982.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barker, S. (2001). Secure Deductive Databases. In: Ramakrishnan, I.V. (eds) Practical Aspects of Declarative Languages. PADL 2001. Lecture Notes in Computer Science, vol 1990. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45241-9_9
Download citation
DOI: https://doi.org/10.1007/3-540-45241-9_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41768-2
Online ISBN: 978-3-540-45241-6
eBook Packages: Springer Book Archive