Security and Inference in Multilevel Database and Knowledge-Base Systems.

Matthew Morgenstern: Security and Inference in Multilevel Database and Knowledge-Base Systems. SIGMOD Conference 1987: 357-373

@inproceedings{DBLP:conf/sigmod/Morgenstern87,
  author    = {Matthew Morgenstern},
  editor    = {Umeshwar Dayal and
               Irving L. Traiger},
  title     = {Security and Inference in Multilevel Database and Knowledge-Base
               Systems},
  booktitle = {Proceedings of the Association for Computing Machinery Special
               Interest Group on Management of Data 1987 Annual Conference,
               San Francisco, California, May 27-29, 1987},
  publisher = {ACM Press},
  year      = {1987},
  pages     = {357-373},
  ee        = {http://doi.acm.org/10.1145/38713.38752, db/conf/sigmod/Morgenstern87.html},
  crossref  = {DBLP:conf/sigmod/87},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}

Abstract

This paper addresses the threat to multilevel security that arises from logical inference and the semantics of the application. Such compromises of security are particularly challenging since they circumvent traditional security mechanisms and rely on a user's knowledge of the application. The problems of inference and security have heretofore been amorphous and difficult to circumscribe. We focus on these problems in the context of a multilevel database system and show their relevance to knowledge-based systems, sometimes referred to as expert systems. Here we establish a framework for studying these inference control problems, describe a representation for relevant semantics of the application, develop criteria for safety and security of a system to prevent these problems, and outline algorithms for enforcing these criteria.

Copyright © 1987 by the ACM, Inc., used by permission. Permission to make digital or hard copies is granted provided that copies are not made or distributed for profit or direct commercial advantage, and that copies show this notice on the first page or initial screen of a display along with the full citation.

ACM SIGMOD Anthology

Online Version (ACM WWW Account required): Full Text in PDF Format

CDROM Version: Load the CDROM "Volume 1 Issue 2, SIGMOD '75-'92" and ...

Windows: Click the letter of your CD drive
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Mac: Click here
UNIX/LINUX: mount the CD and click on the path of your mount point:
/Anthology/smod7592 or /cdrom

DVD Version: Load ACM SIGMOD Anthology DVD 1" and ...

Windows: Click the letter of your CD drive
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Mac: Click here
UNIX/LINUX: mount the DVD and click on the path of your mount point:
/Anthology/aDVD1 or /dvd

Printed Edition

Umeshwar Dayal, Irving L. Traiger (Eds.): Proceedings of the Association for Computing Machinery Special Interest Group on Management of Data 1987 Annual Conference, San Francisco, California, May 27-29, 1987. ACM Press 1987

, SIGMOD Record 16(3)
Contents

Online Edition: ACM Digital Library

References

[BeLu87]: ...
[Dat86a]: C. J. Date: An Introduction to Database Systems, Volume I, 4th Edition. Addison-Wesley 1986
[deK86]: Johan de Kleer: An Assumption-Based TMS. Artif. Intell. 28(2): 127-162(1986)
[Den82]: Dorothy E. Denning: Cryptography and Data Security. Addison-Wesley 1982
[DeMo86]: ...
[DeLS87]: ...
[DeSc83]: ...
[GoMe84]: ...
[Hay85]: Barbara Hayes-Roth: A Blackboard Architecture for Control. Artif. Intell. 26(3): 251-321(1985)
[Mor86a]: Matthew Morgenstern: The Role of Constraints in Databases, Expert Systems, and Knowledge Representation. Expert Database Workshop 1984: 351-368
[Mor86b]: ...
[Mor84a]: Matthew Morgenstern: Constraint Equations: A Concise Compilable Representation for Quantified Constraints in Semantic Networks. AAAI 1984: 255-259
[Mor84b]: Matthew Morgenstern: Constraint Equations: Declarative Expression of Constraints With Automatic Enforcement. VLDB 1984: 291-300
[Row86]: ...
[ScBr82]: ...
[SiJR83]: George L. Sicherman, Wiebren de Jonge, Reind P. van de Riet: Answering Queries Without Revealing Secrets. ACM Trans. Database Syst. 8(1): 41-59(1983)
[SuOz87]: ...
[Tru84]: ...

Referenced by

Steven Dawson, Sabrina De Capitani di Vimercati, Patrick Lincoln, Pierangela Samarati: Minimal Data Upgrading to Prevent Inference and Association. PODS 1999: 114-125
Harry S. Delugach, Thomas H. Hinke: Wizard: A Database Inference Analysis and Detection System. IEEE Trans. Knowl. Data Eng. 8(1): 56-66(1996)
Keishi Tajima: Static Detection of Security Flaws in Object-Oriented Databases. SIGMOD Conference 1996: 341-352
Tzong-An Su, Gultekin Özsoyoglu: Controlling FD and MVD Inferences in Multilevel Relational Database Systems. IEEE Trans. Knowl. Data Eng. 3(4): 474-485(1991)
Günther Pernul, A. Min Tjoa: A View Integration Approach for the Design of Multilevel Security. ER 1991: 483-509
Gary W. Smith: The Semantic Data Model for Security: Representing the Security Semantics of an Application. ICDE 1990: 322-329
Nabil R. Adam, John C. Wortmann: Security-Control Methods for Statistical Databases: A Comparative Study. ACM Comput. Surv. 21(4): 515-556(1989)
Neil C. Rowe: Inference-Security Analysis Using Resolution Theorem-Proving. ICDE 1989: 410-416
Subhasish Mazumdar, David W. Stemple, Tim Sheard: Resolving the Tension between Integrity and Security Using a Theorem Prover. SIGMOD Conference 1988: 233-242