Abstract
In a database system, authorization-based access-control is generally the first line of defense, preventing unauthorized accesses to secret or sensitive data. However, this mechanism is susceptible to security breaches due to improper authorization (e.g., the general public is mistakenly granted access to a copy of sensitive data) and cannot block insider attacks (an authorized user accidentally or intentionally discloses secrets to outsiders). Supplementary to access-control, the release-control mechanism is to check all the outgoing documents for any leak of secret or sensitive information. This paper reports preliminary results on a specific release-control task, namely, how to deal with sensitive associations that need to be restricted from releasing. A sensitive association refers to a pair of values whose connection involves some secrets. The disclosure of such a pair may reveal the secretive connection and therefore should be controlled. The release control of sensitive associations is a very challenging and long term research problem. This paper introduces techniques to identify and represent sensitive associations hidden in a database.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bettini, C., Wang, X.S., Jajodia, S.: A learning-based approach to information release control. In: Proceedings of the Sixth IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems (IICIS), Kluwer, Dordrecht (2003)
Brewster, K.: Inference and aggregation issues in secure database management systems. Technical Report 005, NCSC (1996)
Date, C.J.: An introduction to Database Systems, 7th edn. Addison Wesley Logman, Inc., Reading (2000)
Denning, D.E.: A preliminary note on the inference problem in multilevel database system. In: Proc. NCSC Invitational Workshop on Database Security, Baltimore, MD (June 1986)
Farkas, C., Jajodia, S.: The inference problem: A survey. ACM SIGKDD Explorations 4(2), 6–11 (2003)
Hristidis, V., Papakonstantinou, Y.: DISCOVER: Keyword search in relational databases. In: VLDB, pp. 670–681 (2002)
Krishnamurthy, R., Boral, H., Zaniolo, C.: Optimization of nonrecursive queries. In: VLDB, pp. 128–137 (1986)
Rosenthal, A., Wiederhold, G.: Document release versus data access controls: Two sides of a coin? In: Proceedings of the Tenth CIKM, November 5-10, pp. 544–546. ACM Press, New York (2001)
Thuraisingham, B., Ford, W.: Security constraints in a multilevel secure distributed database management system. IEEE Trans. Knowl. Data Eng. 7(2), 274–293 (1995)
Wheeldon, R., Levene, M., Keenoy, K.: Search and navigation in relational databases (July 2003), arXiv.org Computer Science e-print
Wiederhold, G.: Protecting information when access is granted for collaboration. In: Proc. of Data and Application Security, Development and Directions, IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security, pp. 1–14 (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bettini, C., Wang, X.S., Jajodia, S. (2004). Identifying Sensitive Associations in Databases for Release Control. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2004. Lecture Notes in Computer Science, vol 3178. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30073-1_14
Download citation
DOI: https://doi.org/10.1007/978-3-540-30073-1_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22983-4
Online ISBN: 978-3-540-30073-1
eBook Packages: Springer Book Archive