T. Garvey, T. Lunt, and M. Stickel. Abductive and approximate reasoning models for characterizing inference channels. IEEE Computer Security Foundations Workshop. 4, 1991.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....Their first computational result was Argus from Statistics Netherlands [29] I will examine this system in chapter 5 and show the first release of Argus does not provide adequate protection. 3. 2 Multi level databases Another related area is aggregation and inference in multi level databases [30, 31, 32, 33, 34, 35] which concerns restricting the release of lower classified information such that higher classified information cannot be derived. Denning and Lunt [36] described a multilevel relational database system (MDB) as having data stored at different security classifications and users having different ....

T. Garvey, T. Lunt and M. Stickel. Abductive and approximate reasoning models for characterizing inference channels. IEEE Computer Security Foundations Workshop, 4, 1991.

....P Argus from Statistics Netherlands [16] We will examine this system later, but many tests have been conducted [17] that show the first release of P Argus does not provide adequate protection. 3. 2 Multi level databases Another related area is aggregation and inference in multi level databases [18, 19, 20, 21, 22, 23] which concerns restricting the release of lower classified information such that higher classified information cannot be derived. 7 Many aggregation inference problems can be solved by database design [18] but this solution is not practical in the entity specific data setting described in ....

T. Garvey, T. Lunt and M. Stickel. Abductive and approximate reasoning models for characterizing inference channels. IEEE Computer Security Foundations Workshop, 4, 1991.

....a complete model of all knowledge and information that might be used to infer the sensitive data, which is generally impractical, as well as the ability to recognize all sensitive implications of that information, which is generally impossible. To some extent, all knowledge based approaches, e.g. [16, 11, 6, 23, 5, 10, 4, 19], need help from System Security Officer (SSO) to generate related structures. The knowledge input from SSO represents the semantics of application. The fact that SSO can never be sure he knows all the dependencies among data means that available approaches only provide partial solutions. At most, ....

....This problem argues for a more quantitative model of inferability. Sometimes inference is certain, such as through functional dependency. However, more frequently we have cases in which inference is partial or with certain probability. Several previous works have addressed this situation, e.g. [16, 6, 1]. However, in existing approaches the probabilities are either assumed (e.g. 1] or computed with the knowledge from SSO (e.g. 16, 6] This is not satisfactory due to the limits of SSO s understanding of the semantics of application. More recently, knowledge discovery in databases (KDD) or data ....

[Article contains additional citation context not shown here]

T.D. Garvey, T.F. Lunt and M.E. Stickel, Abductive and Approximate Reasoning Models for Characterising Inference Channels, Proc. of the Computer Security Foundations Workshop IV, 1991.

....its ability to detect and to optimally upgrade some attributes to automatically eliminate compositional and type overlap inference channels. Results of the DISSECT based research has been presented at various security conferences and workshops [Stickel 94; Lunt 94; Qian 92, 93a, 93b, 94; Garvey 91a, 91b, 91c, 93; Binns 92a] 4.4.2 AERIE The University of Alabama in Huntsville has developed an inference model called AERIE (Activities, Entities, and Relationships Inference Effects) The project is examining approaches to inference modeling and detection using inference targets (sensitive ....

T. D. Garvey, T. F. Lunt, and M. E. Stickel. Abductive and approximate reasoning models for characterizing inference channels. In Proceedings of the Fourth Workshop on the Foundations of Computer Security, June 1991.

....(entropy) measure for imprecise information. The inference control tool developed by Buczkowski [1] uses Bayesian probability to estimate security risks due to imprecise inference; his model extends Morgenstern s framework to permit the propagation of imprecise inference. Garvey and Lunt [4,6,10] have characterized inference channels, including partial inference channels due to abduction and probabilistic reasoning. Although the current version of their DISSECT tool is geared for precise inference, plans are underway to extend it to partial inference control [15,18] This paper describes ....

....sphere of influence notion for inferred information [13,14] has motivated the development of our formalism. Indeed, the equivalence classes contained in contexts can be viewed as specifying the maximal spheres of influence for data involved in imprecise inference. Whereas other techniques (e.g. [1,4,6,10]) estimate the probability with which sensitive values are inferred, the context based formalism enables us to consider the actual information chunks inferred in a database extension. To distinguish it from probability based models, we use the term imprecise rather than partial to ....

[Article contains additional citation context not shown here]

T.D. Garvey, T.F. Lunt and M.E. Stickel, Abductive and approximate reasoning models for characterizing inference channels, Proceedings of the Fourth Workshop on the Foundations of Computer Security , June 1991.

No context found.

T. Garvey, T. Lunt, and M. Stickel. Abductive and approximate reasoning models for characterizing inference channels. IEEE Computer Security Foundations Workshop. 4, 1991.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC