Back to Search Start Over

Keeping secrets in incomplete databases.

Authors :
Biskup, Joachim
Weibert, Torben
Source :
International Journal of Information Security. Jun2008, Vol. 7 Issue 3, p199-217. 19p. 1 Diagram, 6 Charts.
Publication Year :
2008

Abstract

Controlled query evaluation (CQE) preserves confidentiality in information systems at runtime. A confidentiality policy specifies the information a certain user is not allowed to know. At each query, a censor checks whether the answer would enable the user to learn any classified information. In that case, the answer is distorted, either by lying or by refusal. We introduce a framework in which CQE can be analyzed wrt. possibly incomplete logic databases. For each distortion method, lying and refusal, a class of confidentiality-preserving mechanisms is presented. Furthermore, we specify a third approach that combines lying and refusal and compensates the disadvantages of the respective uniform methods. The enforcement methods are compared to the existing methods for complete databases. [ABSTRACT FROM AUTHOR]

Subjects

Subjects :
*DATABASE security
*CONFIDENTIAL communication access control
*SENSOR networks
*INFORMATION technology security

Details

Language :
English
ISSN :
16155262
Volume :
7
Issue :
3
Database :
Academic Search Index
Journal :
International Journal of Information Security
Publication Type :
Academic Journal
Accession number :
32014262
Full Text :
https://doi.org/10.1007/s10207-007-0037-7
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details