Abstract
We investigate inference control in logic databases. The administrator defines a confidentiality policy, i. e., the pieces of information which may not be disclosed to a certain user. We present a static approach which constructs an alternative database instance in which the confidential information is replaced by harmless information. The construction is performed by the means of constraint programming: The task of finding an appropriate database instance is delegated to a hierarchical constraint solver. We compare this static approach to a dynamic inference control mechanism – Controlled Query Evaluation – investigated in earlier work, and we also point out possible extensions which make use of the various opportunities offered by hierarchical constraint solvers.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Farkas, C., Jajodia, S.: The inference problem: A survey. SIGKDD Explorations 4(2), 6–11 (2002)
Biskup, J., Bonatti, P.A.: Controlled query evaluation for enforcing confidentiality in complete information systems. International Journal of Information Security 3, 14–27 (2004)
Biskup, J., Bonatti, P.A.: Controlled query evaluation with open queries for a decidable relational submodel. In: Dix, J., Hegner, S.J. (eds.) FoIKS 2006. LNCS, vol. 3861, pp. 43–62. Springer, Heidelberg (2006)
Biskup, J., Weibert, T.: Keeping secrets in incomplete databases. Submitted, 2007. In: FCS 2005. Extended abstract presented at the LICS 2005 Affiliated Workshop on Foundations of Computer Security (2005), available from http://www.cs.chalmers.se/~andrei/FCS05/fcs05.pdf
Biskup, J., Wiese, L.: On finding an inference-proof complete database for controlled query evaluation. In: Damiani, E., Liu, P. (eds.) Data and Applications Security XX. LNCS, vol. 4127, pp. 30–43. Springer, Heidelberg (2006)
Apt, K.: Principles of Constraint Programming. Cambridge University Press, Cambridge (2003)
Frühwirth, T., Abdennadher, S.: Essentials of Constraint Programming. Springer, Heidelberg (2003)
Ahn, G.J., Sandhu, R.: Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3(4), 207–226 (2000)
Jaeger, T.: On the increasing importance of constraints. In: RBAC 1999. Proceedings of the fourth ACM workshop on Role-based access control, pp. 33–42. ACM Press, New York (1999)
Moodahi, I., Gudes, E., Lavee, O., Meisels, A.: A secureworkflow model based on distributed constrained role and task assignment for the internet. In: Lopez, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 171–186. Springer, Heidelberg (2004)
Biskup, J., Bonatti, P.A.: Lying versus refusal for known potential secrets. Data & Knowledge Engineering 38, 199–222 (2001)
Borning, A., Freeman-Benson, B.N., Wilson, M.: Constraint hierarchies. Lisp and Symbolic Computation 5(3), 223–270 (1992)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biskup, J., Burgard, D.M., Weibert, T., Wiese, L. (2007). Inference Control in Logic Databases as a Constraint Satisfaction Problem. In: McDaniel, P., Gupta, S.K. (eds) Information Systems Security. ICISS 2007. Lecture Notes in Computer Science, vol 4812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77086-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-540-77086-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77085-5
Online ISBN: 978-3-540-77086-2
eBook Packages: Computer ScienceComputer Science (R0)