Conference Paper

Polyinstantiation in Relational Databases with Multilevel Security

King ICT d.o.o., Zagreb
DOI: 10.1109/ITI.2007.4283757 Conference: Information Technology Interfaces, 2007. ITI 2007. 29th International Conference on
Source: IEEE Xplore

ABSTRACT Polyinstantiation provides the ability to create multiple versions of a single piece of information. It is used to prevent inference attacks. This paper explains the use of polyinstantiation in relational databases with multilevel security for implementing, e.g., cover stories. It describes common methods of access controls in relational databases and describes multilevel relational databases. This paper also shows how polyinstantiation can be implemented and what types of architecture support it.

  • ABSTRACT: In a logical setting, consistency of a database instance with constraints is a fundamental requirement. We show how satisfaction of a set of constraints guarantees confidentiality of some information declared secret by a security policy – albeit at the cost of some modified database entries. We identify a very general class of constraints for which this problem is effectively and in many cases efficiently solvable by means of an automatic procedure. A distance minimization ensures maximal availability of correct database entries.
    Information Security, 12th International Conference, ISC 2009, Pisa, Italy, September 7-9, 2009. Proceedings; 01/2009
  • ABSTRACT: We present a control mechanism for preserving confidentiality in relational databases under open queries. This mechanism is based on a reduction of costly inference control to efficient access control that has recently been developed for closed database queries. Our approach guarantees that secrets being declared in form of a confidentiality policy are not disclosed to database users even if they utilize their a priori knowledge to draw inferences. It turns out that there is no straightforward transition from the approach for closed queries to open queries. We show, however, that hiding the confidentiality policy from database users is sufficient to preserve confidentiality. Moreover, we propose an algorithmic implementation of the control mechanism.
    Data and Applications Security and Privacy XXIV, 24th Annual IFIP WG 11.3 Working Conference, Rome, Italy, June 21-23, 2010. Proceedings; 01/2010
  • ABSTRACT: Multilevel secure (MLS) database models provide a data protection mechanism different from traditional data access control. The MLS database has been used in various application domains including government, hospital, military, etc. The MLS database model protects data by grouping them into different classification and creates different views to the users of different clearance levels. Previous models have focused on data level classification like tuples and elements. In this study, we introduce a schema level classification mechanism, i.e. attribute and relation classification. We first define the basic model, and then give definitions of integration properties and operations of database. The schema classification scheme will reduce semantics inferences and thus prevent users from compromising the database.
    01/1970: pages 427-431;
