Optimality and Complexity of Inference-Proof Data Filtering and CQE

  • Joachim Biskup
  • Piero A. Bonatti
  • Clemente Galdi
  • Luigi Sauro
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)


The ample literature on confidentiality-preserving data publishing – and controlled query evaluation (CQE) in particular – leaves several questions open. Are the greedy data-filtering algorithms adopted in the literature maximally cooperative? Can novel secure view formats or answer distortion methods improve security or cooperativeness? What is the inherent complexity of confidentiality-preserving data publishing under different constraints, such as cooperativeness and availability? Can the theoretical results on CQE be systematically extended to more general settings? In this paper we answer the above questions using a completely generic, abstract data filtering framework, independent from any syntactic details and data source encodings, and compatible with all possible distortion methods. Some of the main results are: Refusal-based filterings can be adopted as a normal form for all kinds of filterings; greedy refusal-based filterings are optimal; cooperativeness checks and some availability checks are coNP-hard in the simplest case.


Controlled query evaluation Maximally cooperative filterings Refusals and lies 


  1. 1.
    Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: A survey of recent developments. ACM Comput. Surv. 42(4) (2010)Google Scholar
  2. 2.
    Biskup, J.: For unknown secrecies refusal is better than lying. Data Knowl. Eng. 33(1), 1–23 (2000)CrossRefzbMATHGoogle Scholar
  3. 3.
    Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data Knowl. Eng. 38(2), 199–222 (2001)CrossRefzbMATHGoogle Scholar
  4. 4.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation for known policies by combining lying and refusal. Ann. Math. Artif. Intell. 40(1-2), 37–62 (2004)CrossRefzbMATHMathSciNetGoogle Scholar
  5. 5.
    Bonatti, P.A., Sauro, L.: A confidentiality model for ontologies. In: [21], pp. 17–32Google Scholar
  6. 6.
    Grau, B.C., Kharlamov, E., Kostylev, E.V., Zheleznyakov, D.: Controlled query evaluation over OWL 2 RL ontologies. In: [21], pp. 49–65Google Scholar
  7. 7.
    Sicherman, G.L., de Jonge, W., van de Riet, R.P.: Answering queries without revealing secrets. ACM Trans. Database Syst. 8(1), 41–59 (1983)CrossRefzbMATHGoogle Scholar
  8. 8.
    Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)CrossRefzbMATHMathSciNetGoogle Scholar
  9. 9.
    Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symposium on Security and Privacy, pp. 11–20 (1982)Google Scholar
  10. 10.
    Biskup, J.: Security in Computing Systems - Challenges, Approaches and Solutions. Springer (2009)Google Scholar
  11. 11.
    Lunt, T.F.: Polyinstantiation: An inevitable part of a multilevel world. In: CSFW, pp. 236–238. IEEE Computer Society (1991)Google Scholar
  12. 12.
    Sandhu, R.S., Jajodia, S.: Polyinstantation for cover stories. In: Deswarte, Y., Quisquater, J.-J., Eizenberg, G. (eds.) ESORICS 1992. LNCS, vol. 648, pp. 307–328. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  13. 13.
    Bonatti, P.A., Kraus, S., Subrahmanian, V.S.: Foundations of secure deductive databases. IEEE Trans. Knowl. Data Eng. 7(3), 406–422 (1995)CrossRefGoogle Scholar
  14. 14.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. Ann. Math. Artif. Intell. 50(1-2), 39–77 (2007)CrossRefzbMATHMathSciNetGoogle Scholar
  15. 15.
    Biskup, J., Tadros, C., Wiese, L.: Towards controlled query evaluation for incomplete first-order databases. In: Link, S., Prade, H. (eds.) FoIKS 2010. LNCS, vol. 5956, pp. 230–247. Springer, Heidelberg (2010)Google Scholar
  16. 16.
    Biskup, J., Gogolin, C., Seiler, J., Weibert, T.: Inference-proof view update transactions with forwarded refreshments. Journal of Computer Security 19(3), 487–529 (2011)Google Scholar
  17. 17.
    Biskup, J., Hartmann, S., Link, S., Lochner, J.H.: Efficient inference control for open relational queries. In: Foresti, S., Jajodia, S. (eds.) Data and Applications Security XXIV. LNCS, vol. 6166, pp. 162–176. Springer, Heidelberg (2010)Google Scholar
  18. 18.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. Freeman & Co., New York (1979)zbMATHGoogle Scholar
  19. 19.
    Baader, F., Knechtel, M., Peñaloza, R.: A generic approach for large-scale ontological reasoning in the presence of access restrictions to the ontology’s axioms. In: Bernstein, A., Karger, D.R., Heath, T., Feigenbaum, L., Maynard, D., Motta, E., Thirunarayan, K. (eds.) ISWC 2009. LNCS, vol. 5823, pp. 49–64. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  20. 20.
    Knechtel, M., Stuckenschmidt, H.: Query-based access control for ontologies. In: Hitzler, P., Lukasiewicz, T. (eds.) RR 2010. LNCS, vol. 6333, pp. 73–87. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  21. 21.
    Alani, H., et al. (eds.): ISWC 2013, Part I. LNCS, vol. 8218. Springer, Heidelberg (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Piero A. Bonatti
    • 2
  • Clemente Galdi
    • 2
  • Luigi Sauro
    • 2
  1. 1.Fakultät für InformatikTU DortmundGermany
  2. 2.Dip. Ing. Elet. e Tecnologie dell’InformazioneUniversità di Napoli Federico IIItaly

Personalised recommendations