Abstract
Controlled query evaluation enforces security policies for confidentiality in information systems. It deals with users who may apply background knowledge to infer additional information from the answers to their queries. For each query the correct answer is first judged by some censor and then - if necessary - appropriately modified to preserve security. In previous approaches, modification has been done uniformly, either by lying or by refusal. A drawback of lying is that all disjunctions of secrets must always be protected. On the other hand, refusal may hide an answer even when the correct answer does not immediately reveal a secret.
In this paper we introduce a hybrid answer modification method that appropriately combines lying and refusal. We prove that the new method is secure under the models of known potential secrets and of known secrecies, respectively. Furthermore, we demonstrate that the combined approach can be more cooperative than uniform lies and uniform refusal, and enjoyes the advantages of both.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Biskup, J.: For unknown secrecies refusal is better than lying, Data and Knowledge Engineering, 33 (2000), pp. 1–23.
Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets, Data and Knowledge Engineering, 38 (2001), pp. 199–222.
Bonatti, P.A., Kraus, S., Subrahmanian, V.S.: Foundations of secure deductive databases, IEEE Transactions on Knowledge and Data Engineering 7,3 (1995), pp. 406–422.
Dawson, S., De Capitani di Vimercati, S., Lincoln, P., Samarati, P.: Minimal data upgrading to prevent inference and association attacks, Proc. of the 18th ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), 1999, pp. 114–125.
Lloyd, J.W.: Foundations of Logic Programming, Springer, 1987.
Quian, X.: View-based access control with high assurance. Proc. of the 1996 IEEE Symp. on Security and privacy, 1996, pp. 85–93.
Shoenfield, J.R.: Mathematical Logic, Addison-Wesley, Reading etc., 1967.
Sicherman, G.L., de Jonge, W., van de Riet, R.P.: Answering queries without revealing secrets, ACM Transactions on Database Systems 8,1 (1983), pp. 41–59.
Stickel, M.E.: Elimination of inference channels by optimal upgrading. In Proc. of the 1994 IEEE Symposium on Security and Privacy, 1994, pp. 168–174.
Su, T.A., Ozsoyoglu, G.: Controlling FD and MVD inferences in multilevel relational database systems. IEEE Trans. on Knowledge and Data Engineering, 3(4):474–485, (1991).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J., Bonatti, P. (2002). Controlled Query Evaluation for Known Policies by Combining Lying and Refusal. In: Eiter, T., Schewe, KD. (eds) Foundations of Information and Knowledge Systems. FoIKS 2002. Lecture Notes in Computer Science, vol 2284. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45758-5_4
Download citation
DOI: https://doi.org/10.1007/3-540-45758-5_4
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43220-3
Online ISBN: 978-3-540-45758-9
eBook Packages: Springer Book Archive