Controlled Query Evaluation and Inference-Free View Updates

Abstract: Abstract. We extend Controlled Query Evaluation (CQE), an inference control method to enforce confidentiality in static information systems under queries, to updatable databases. Within the framework of the lying approach to CQE, we study user update requests that have to be translated into a new database state. In order to avoid dangerous inferences, some such updates have to be denied even though the new database instance would be compatible with a set of integrity constraints. In contrast, some other update… Show more

“…The controlled query evaluation (CQE) framework first introduced by Sicherman et al [19] offers a mechanism for answering database queries without revealing secrets. This framework which has been explored extensively by Biskup and colleagues in a series of papers [85,86,87,88,89,90,91,92,93,94,95,96] includes: (a) policies that specify secrets (queries for which all possible answers must be protected), potential secrets (queries for which only some of the answers must be protected); (b) policies for answering queries so as to protect secrets and potential secrets including lying in response to a query, refusing to answer a query, and their combinations; and (c) alternative assumptions regarding whether or not the querying agent is aware of the queries whose answers the KB is trying to protect. Recent work within this framework has introduced techniques using SAT-solvers and constraint solvers for preprocessing the databases so that the resulting database can answer queries in a manner that is consistent with the specified policies.…”

Topics in Knowledge Bases: Epistemic Ontologies and Secrecy-preserving Reasoning

“…The controlled query evaluation (CQE) framework first introduced by Sicherman et al [19] offers a mechanism for answering database queries without revealing secrets. This framework which has been explored extensively by Biskup and colleagues in a series of papers [85,86,87,88,89,90,91,92,93,94,95,96] includes: (a) policies that specify secrets (queries for which all possible answers must be protected), potential secrets (queries for which only some of the answers must be protected); (b) policies for answering queries so as to protect secrets and potential secrets including lying in response to a query, refusing to answer a query, and their combinations; and (c) alternative assumptions regarding whether or not the querying agent is aware of the queries whose answers the KB is trying to protect. Recent work within this framework has introduced techniques using SAT-solvers and constraint solvers for preprocessing the databases so that the resulting database can answer queries in a manner that is consistent with the specified policies.…”

Topics in Knowledge Bases: Epistemic Ontologies and Secrecy-preserving Reasoning

Towards Controlled Query Evaluation for Incomplete First-Order Databases

Usability Confinement of Server Reactions: Maintaining Inference-Proof Client Views by Controlled Interaction Execution