Abstract
Controlled Query Evaluation (CQE) offers a logical framework to prevent a user of a database from inadvertently gaining knowledge he is not allowed to know. By modeling the user’s a priori knowledge in an appropriate way, a CQE system can control not only plain access to database entries but also inferences made by the user. A dynamic CQE system that enforces inference control at runtime has already been investigated. In this article, we pursue a static approach that constructs an inference-proof database in a preprocessing step. The inference-proof database can respond to any query without enabling the user to infer confidential information. We illustrate the semantics of the system by a comprehensive example and state the essential requirements for an inference-proof and highly available database. We present an algorithm that accomplishes the preprocessing by combining SAT solving and “Branch and Bound”.
Chapter PDF
Similar content being viewed by others
Keywords
References
Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data & Knowledge Engineering 38(2), 199–222 (2001)
Biskup, J., Bonatti, P.A.: Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security 3(1), 14–27 (2004)
Biskup, J., Bonatti, P.A.: Controlled query evaluation for known policies by combining lying and refusal. Annals of Mathematics and Artificial Intelligence 40(1-2), 37–62 (2004)
Biskup, J., Weibert, T.: Refusal in incomplete databases. In: Farkas, C., Samarati, P. (eds.) Proceedings of the 18th Annual IFIP WG 11.3 Conference on Data and Applications Security, Proceedings, pp. 143–157. Kluwer, Dordrecht (2004)
Chang, L., Moskowitz, I.S.: A study of inference problems in distributed databases. In: Gudes, E., Shenoi, S. (eds.) Proceedings of the 16th Annual IFIP WG 11.3 Conference on Data and Applications Security, pp. 191–204. Kluwer, Dordrecht (2002)
Davis, M., Logemann, G., Loveland, D.W.: A machine program for theorem-proving. Communications of the ACM 5(7), 394–397 (1962)
Davis, M., Putnam, H.: A computing procedure for quantification theory. Journal of the ACM 7(3), 201–215 (1960)
Delgrande, J.P., Schaub, T.: Two approaches to merging knowledge bases. In: Alferes, J.J., Leite, J. (eds.) JELIA 2004. LNCS, vol. 3229, pp. 426–438. Springer, Heidelberg (2004)
Domingo-Ferrer, J. (ed.): Inference Control in Statistical Databases. LNCS, vol. 2316. Springer, Heidelberg (2002)
Eén, N., Biere, A.: Effective preprocessing in SAT through variable and clause elimination. In: Bacchus, F., Walsh, T. (eds.) SAT 2005. LNCS, vol. 3569, pp. 61–75. Springer, Heidelberg (2005)
Farkas, C., Jajodia, S.: The inference problem: A survey. SIGKDD Explorations 4(2), 6–11 (2002)
Frühwirth, T., Abdennadher, S.: Essentials of Constraint Programming. Springer, Heidelberg (2003)
Ganai, M.K., Ashar, P., Gupta, A., Zhang, L., Malik, S.: Combining strengths of circuit-based and CNF-based algorithms for a high-performance SAT solver. In: Proceedings of the 39th Design Automation Conference, pp. 747–750. ACM Press, New York (2002)
Giunchiglia, E., Sebastiani, R.: Applying the Davis-Putnam procedure to non-clausal formulas. In: Lamma, E., Mello, P. (eds.) AI*IA 1999. LNCS (LNAI), vol. 1792, pp. 84–94. Springer, Heidelberg (2000)
Hale, J., Shenoi, S.: Analyzing fd inference in relational databases. Data & Knowledge Engineering 18(2), 167–183 (1996)
Subbarayan, S., Pradhan, D.K.: Niver: Non increasing variable elimination resolution for preprocessing SAT instances. In: Hoos, H., Mitchell, D.G. (eds.) SAT 2004. LNCS, vol. 3542, pp. 276–291. Springer, Heidelberg (2005)
Thiffault, C., Bacchus, F., Walsh, T.: Solving non-clausal formulas with DPLL search. In: 7th International Conference on Theory and Applications of Satisfiability Testing, Online Proceedings (2004)
Wang, L., Li, Y., Wijesekera, D., Jajodia, S.: Precisely answering multi-dimensional range queries without privacy breaches. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 100–115. Springer, Heidelberg (2003)
Yang, X., Li, C.: Secure XML publishing without information leakage in the presence of data inference. In: Nascimento, M.A., Özsu, M.T., Kossmann, D., Miller, R.J., Blakeley, J.A., Schiefer, K.B. (eds.) Proceedings of the 30th International Conference on Very Large Data Bases, pp. 96–107. Morgan Kaufmann, San Francisco (2004)
Zhang, L.: On subsumption removal and on-the-fly CNF simplification. In: Bacchus, F., Walsh, T. (eds.) SAT 2005. LNCS, vol. 3569, pp. 482–489. Springer, Heidelberg (2005)
Zhang, L., Malik, S.: The quest for efficient boolean satisfiability solvers. In: Voronkov, A. (ed.) CADE 2002. LNCS, vol. 2392, pp. 295–313. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Biskup, J., Wiese, L. (2006). On Finding an Inference-Proof Complete Database for Controlled Query Evaluation. In: Damiani, E., Liu, P. (eds) Data and Applications Security XX. DBSec 2006. Lecture Notes in Computer Science, vol 4127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11805588_3
Download citation
DOI: https://doi.org/10.1007/11805588_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36796-3
Online ISBN: 978-3-540-36799-4
eBook Packages: Computer ScienceComputer Science (R0)