B.M. Thuraisingham. Security checking in relational database management systems augmented with inference engines. Computers and Security, 6:479-- 492, 1987.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....by combining meta data with non confidential data to disclose confidential information. Since the beginning of 1980s, researchers, focusing on multi level secure relational databases, identified the problem of indirect access to confidential data via combining meta data with non confidential data [GM84,Mor88,SO87,Hin88,Smi90,Buc90,Den85,Thu87,MSS88,RJHS95,ST90]. However, these techniques often result in over classification of data and, therefore reduce data availability. Moreover, most authors, with the exception of [Den85,Hin88,SO91,DdVS99a,DdVS99b] do not consider the problem of actual inference for specific families of constraints; rather they ....

B.M. Thuraisingham. Security checking in relational database management systems augmented with inference engines. Computers and Security, 6:479-- 492, 1987.

....levels of some of the data items [2, 4 6, 7, 12, 17, 9, 13, 14, 16, 3, 4] These techniques often result in over classification of data and, therefore, reduce the availability of data. Techniques in the second category seek to eliminate inference channel violations during query time [5, 11, 15, 18]. If an inference channel is detected, the query is either refused or modified to avoid security violations. Each of the categories above requires either data dependent or data independent inference algorithms. However, none of the above works has the formal notion of soundness and completeness ....

....either data dependent or data independent inference algorithms. However, none of the above works has the formal notion of soundness and completeness for data dependent and data independent disclosure, and thus cannot establish these formal properties of disclosure inference. Also, most authors [2, 6, 13, 14, 11, 15, 18], with the exception of [5, 7, 16, 3, 4] do not consider the problem of actual inference for specific families of constraints (and its decidability, soundness, completeness, etc. rather they develop a framework, assuming that disclosure inference algorithms are readily available. It is our ....

B.M. Thuraisingham. Security checking in relational database management systems augmented with inference engines. Computers and Security, 6:479--492, 1987.

....Singh 1991#. As the focus of today s database technology is to achieveinteroperability of database systems, related security issues become exceedingly complex. Although many research e#orts aim at providing secure cooperation among databases, #Jonscher and Dittrich 1994# #Sheth and Larson 1990##Thuraisingham 1987#, most of the solutions o#ered are limited to a particular database model or particular types of database models. Our solution however, when implemented, would allow databases of di#erent models to interoperate in a secure federated environment through the use of Distributed Object Kernel. ....

Thuraisingham, M.B. #1987# Security Checking In Relational Database Management Systems Augmented with Inference Engines. Computers and Security 6, North-Holland, 479-492.

....together with authorized information to deduce unauthorized information [126] 12.2.1 Proposed Solutions Recently some solutions have been proposed to handle the inference problem. The inference problem can be dealt during database design [36, 87, 125, 126, 138] or during query processing [78, 134, 137]. In the first approach, security constraints during database design are handled in such a way that security violations via inference cannot occur. So many inference problems can be overcome through good design. The SeaView [93, 90] ASD Views [52] and SWORD [112] projects are examples of this ....

M. B. Thuraisingham. Security Checking in Relational Database Management System Augmented with Inference Engines. Computers & Security, 6(6), December 1987.

....[Denning 78] Therefore, response modification, which introduces uncertainty so as to reduce the risk of disclosure, has been the focus of much run time inference control research. 4.3.1. 1 Constraint Processors Some MITRE research focuses on handling inferences during query processing [Keefe 89; Thuraisingham 87, 88, 90a] The query modification technique is illustrated in Figure 4.4 below [Ford 90] MITRE has augmented Hewlett Packard s Allbase with a logic based Constraint Processor and knowledge base in their current prototyping effort [Thuraisingham 94] Security constraints contained in the ....

M. B. Thuraisingham. Security Checking in Relational Database Management Systems Augmented with Inference Engines. In Computers & Security, Vol. 6, pp. 479-492,1987.

....level is equal to the security level of the v. v:av level = v i :av level for some i, 1 i n. 5.2 Inference Inference problem occurs when a user can deduce (or infer) information from a collection of individual accesses against a database. Solutions to the inference problem were proposed in [11, 22, 17, 15, 27, 7] among others in the context of statistical and relational databases. Several approaches are used to handle the problem: 1) place restrictions on the set of allowable queries that can be issued by a user; 2) add noise to the data; and (3) augment a database with a logic based inference engine to ....

M. B. Thuraisingham. Security Checking in Relational Database Management System Augmented with Inference Engines. Computers & Security, 6(6), December 1987.

....SRI International [5,15,18] have developed an interactive tool, DISSECT, for detecting and eliminating compositional inference channels due to foreign key FDs. The DISSECT model builds on earlier work on inference control, including tools and techniques developed by Buczkowski [1] Thuraisingham [23,24], and Hinke [9] The current version of DISSECT [18] is limited to analyzing MLS database schemas (intensions) rather than actual MLS relations (extensions) Nevertheless, its success shows that it is possible to develop practical tools for dealing with the difficult problem of inference control. ....

M.B. Thuraisingham, Security checking in relational database management systems augmented with inference engines, Computers and Security , vol. 6, pp. 325-333, 1987.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC