Requirements and Protocols for Inference-Proof Interactions in Information Systems

  • Joachim Biskup
  • Christian Gogolin
  • Jens Seiler
  • Torben Weibert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Inference control aims at disabling a participant to gain a piece of information to be kept confidential. Considering a provider-client architecture for information systems, we present transaction-based protocols for provider-client interactions and prove that the incorporated inference control performed by the provider is effective indeed. The interactions include the provider answering a client’s query and processing update requests of two forms. Such a request is either initiated by the provider and thus possibly to be forwarded to clients in order to refresh their views, or initiated by a client according to his view and thus to be translated to the repository maintained by the provider.


Integrity Constraint Local View Covert Channel Query Answering Inference Control 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley, Reading (1995)zbMATHGoogle Scholar
  2. 2.
    Bancilhon, F., Spyratos, N.: Update semantics of relational views. ACM Trans. Database Syst. 6(4), 557–575 (1981)CrossRefzbMATHGoogle Scholar
  3. 3.
    Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data Knowl. Eng. 38(2), 199–222 (2001)CrossRefzbMATHGoogle Scholar
  4. 4.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation for enforcing confidentiality in complete information systems. Int. J. Inf. Sec. 3, 14–27 (2004)CrossRefGoogle Scholar
  5. 5.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation for known policies by combining lying and refusal. Ann. Math. Art. Intell. 40, 37–62 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. Ann. Math. Art. Intell. 50, 39–77 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Biskup, J., Weibert, T.: Confidentiality policies for controlled query evaluation. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 1–13. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Biskup, J., Weibert, T.: Keeping secrets in incomplete databases. Int. J. Inf. Sec. 7, 199–217 (2008)CrossRefGoogle Scholar
  9. 9.
    Biskup, J., Embley, D., Lochner, J.-H.: Reducing inference control to access control for normalized database schemas. Information Processing Letters 106, 8–12 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Biskup, J.: Security in Computing Systems – Challenges, Approaches and Solutions. Springer, Heidelberg (2009)zbMATHGoogle Scholar
  11. 11.
    Biskup, J., Lochner, J.-H., Sonntag, S.: Optimization of the controlled evaluation of closed relational queries. In: Proc. IFIP/SEC 2009, IFIP Series 297, pp. 214–225. Springer, Heidelberg (2009)Google Scholar
  12. 12.
    Biskup, J., Seiler, J., Weibert, T.: Controlled query evaluation and inference-free view updates. In: DBSec 2009. LNCS, vol. 5645, pp. 1–16. Springer, Heidelberg (2009)Google Scholar
  13. 13.
    Bohannon, A., Pierce, B.C., Vaughan, J.A.: Relational lenses: a language for updatable views. In: PODS 2006, pp. 338–347. ACM, New York (2006)Google Scholar
  14. 14.
    Bonatti, P.A., Kraus, S., Subrahmanian, V.S.: Foundations of secure deductive databases. IEEE Trans. Knowledge and Data Eng. 7(3), 406–422 (1995)CrossRefGoogle Scholar
  15. 15.
    Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: constraints, inference channels and monitoring disclosure. IEEE Trans. Knowledge and Data Eng. 12(6), 900–919 (2000)CrossRefGoogle Scholar
  16. 16.
    Cuppens, F., Gabillon, A.: Logical foundation of multilevel databases. Data Knowl. Eng. 29, 259–291 (1999)CrossRefzbMATHGoogle Scholar
  17. 17.
    Cuppens, F., Gabillon, A.: Cover story management. Data Knowl. Eng. 37, 177–201 (2001)CrossRefzbMATHGoogle Scholar
  18. 18.
    Dayal, U., Bernstein, P.A.: On correct translation of update operations on relational views. ACM Trans. Database Systems 8, 381–416 (1982)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Denning, D.E.: Cryptography and Data Security. Addison-Wesley, Reading (1982)zbMATHGoogle Scholar
  20. 20.
    Denning, D.E., Akl, S., Heckman, M., Lunt, T., Morgenstern, M., Neumann, P., Schell, R.: Views for multilevel database security. IEEE Trans. Software Eng. 13(2), 129–140 (1987)CrossRefGoogle Scholar
  21. 21.
    Evfimieski, A., Fagin, R., Woodruff, D.: Epistemic privacy. In: PODS 2008, pp. 171–180. ACM, New York (2008)Google Scholar
  22. 22.
    Farkas, C., Toland, T.S., Eastman, C.M.: The inference problem and updates in relational databases. In: Proc. DBSec 2001, IFIP Conf. Proc., vol. 215, pp. 181–194. Kluwer, Dordrecht (2001)Google Scholar
  23. 23.
    Farkas, C., Jajodia, S.: The inference problem: a survey. SIGKDD Explor. Newsl. 4(2), 6–11 (2002)CrossRefGoogle Scholar
  24. 24.
    Goquen, J.A., Mesequer, J.: Unwinding and inference control. In: Proc. IEEE Symp. on Security and Privacy, Oakland, pp. 75–86 (1984)Google Scholar
  25. 25.
    Gray III, J.W.: Toward a mathematical foundation for information flow properties. In: Proc. IEEE Symposium on Security and Privacy, Oakland, pp. 21–34 (1991)Google Scholar
  26. 26.
    Halpern, J.Y., O’Neill, K.R.: Secrecy in multiagent systems. ACM Trans. Information and Systems Security 12(1), Article 5, 5.1–5.47 (2008)CrossRefGoogle Scholar
  27. 27.
    Hegner, S.J.: An order-based theory of updates for relational views. Ann. Math. Art. Intell. 40, 63–125 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  28. 28.
    Jajodia, S., Sandhu, R.S.: Towards a multilevel secure relational data model. In: Proc. ACM SIGMOD Int. Conf. on Management of Data, pp. 50–59 (May 1991)Google Scholar
  29. 29.
    Kenthapadi, K., Mishra, N., Nissim, K.: Simulatable auditing. In: PODS 2005, pp. 118–127. ACM, New York (2005)Google Scholar
  30. 30.
    Langerak, R.: View updates in relational databases with an independent scheme. ACM Trans. Database Systems 15, 40–66 (1990)MathSciNetCrossRefGoogle Scholar
  31. 31.
    Lunt, T.F., Denning, D.E., Schell, R.R., Heckman, M., Shockley, W.R.: The SeaView security model. IEEE Trans. Software Eng. 16(6), 593–607 (1990)CrossRefGoogle Scholar
  32. 32.
    Mantel, H.: On the composition of secure systems. In: Proc. 2002 IEEE Symp. on Security and Privacy, Oakland, pp. 88–101 (2002)Google Scholar
  33. 33.
    Miklau, G., Suciu, D.: A formal analysis of information disclosure in data exchange. J. Computer and System Sciences 73, 507–534 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Motwani, R., Nabar, S.U., Thomas, D.: Auditing SQL queries. In: Proc. Int. Conf. on Data Eng., ICDE 2008, pp. 287–296. IEEE, Los Alamitos (2008)CrossRefGoogle Scholar
  35. 35.
    Nabar, S.U., Narthi, B., Kenthapadi, K., Mishra, N., Motwani, R.: Towardsa robustness in query auditing. In: VLDB 2006, VLDB Endowment, pp. 151–162 (2006)Google Scholar
  36. 36.
    Ryan, P.: Mathematical models of computer security. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 1–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  37. 37.
    Sandhu, R.S., Jajodia, S.: Polyinstantiation for cover stories. In: Deswarte, Y., Quisquater, J.-J., Eizenberg, G. (eds.) ESORICS 1992. LNCS, vol. 648, pp. 307–328. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  38. 38.
    Santen, T.: A formal framework for confidentiality-preserving refinement. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 225–242. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  39. 39.
    Sicherman, G.L., de Jonge, W., van de Riet, R.P.: Answering queries without revealing secrets. ACM Trans. Database Systems 8(1), 41–59 (1983)CrossRefzbMATHGoogle Scholar
  40. 40.
    Stouppa, P., Studer, T.: Data privacy for ALC knowledge bases. In: Artemov, S., Nerode, A. (eds.) LFCS 2009. LNCS, vol. 5407, pp. 309–421. Springer, Heidelberg (2008)Google Scholar
  41. 41.
    Winslett, M., Smith, K., Qian, X.: Formal query languages for secure relational databases. ACM Trans. Database Systems 19(4), 626–662 (1994)CrossRefGoogle Scholar
  42. 42.
    Zhang, Z., Mendelzon, A.O.: Authorization views and conditional query containment. In: Eiter, T., Libkin, L. (eds.) ICDT 2005. LNCS, vol. 3363, pp. 259–273. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Joachim Biskup
    • 1
  • Christian Gogolin
    • 1
  • Jens Seiler
    • 1
  • Torben Weibert
    • 1
  1. 1.Fakultät für InformatikTechnische Universität DortmundDortmundGermany

Personalised recommendations