Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies

  • Joachim Biskup
  • Sven Hartmann
  • Sebastian Link
  • Jan-Hendrik Lochner
  • Torsten Schlotmann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7371)


Inference control of queries for relational databases confines the information content, and thus the usability, of data returned to a client, aiming to keep some pieces of information confidential as specified in a policy, in particular for the sake of privacy. In general, there is a tradeoff between the following factors: on the one hand, the expressiveness offered to administrators to declare a schema, a confidentiality policy and assumptions about a client’s a priori knowledge; on the other hand, the computational complexity of a provably confidentiality-preserving enforcement mechanism. We propose and investigate a new balanced solution for a widely applicable situation: we admit relational schemas with functional and join dependencies, which are also treated as a priori knowledge, and select-project sentences for policies and queries; we design an efficient signature-based enforcement mechanism that we implement for an Oracle/SQL system. At declaration time, the inference signatures are compiled from an analysis of all possible crucial inferences, and at run time they are employed as in the field of intrusion detection.


Keywords: a priori knowledge; confidentiality policy; functional dependency; inference control; inference-usability confinement; interaction history; join dependency; refusal; relational database; select-project query; inference signature; SQL; template dependency



Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Joachim Biskup (1)
  • Sven Hartmann (2)
  • Sebastian Link (3)
  • Jan-Hendrik Lochner (1)
  • Torsten Schlotmann (1)

  1. Fakultät für Informatik, Technische Universität Dortmund, Germany
  2. Institut für Informatik, Technische Universität Clausthal, Germany
  3. Department of Computer Science, The University of Auckland, New Zealand
