Abstract:This paper addresses the threat to multdevel security that arises from logical inference and the semantics of the apphcatlon Such compromises of security are particularly challengmg since they circumvent tradltlonal security mechamsms and rely on a user's knowledge of the apphcatlon The problems of inference and security have heretofore been amorphous and difficult to clrcumscrlbe We focus on these problems m the context of a multilevel database system and show their relevance to knowledge-based systems, somet… Show more
“…Denning and Morgenstern, pioneers in calculating the partial inference risk, employed classical information theory to measure the inference chance [3,25]. Given two data items x and y, let H(y) denote the entropy of y and H x (y) denote the entropy of y given x, where entropy is as defined in information theory.…”
Section: Previous Work On the Inference Problemmentioning
The widespread adoption of social computing applications is transforming our world. It has changed the way we routinely communicate and navigate our environment and enabled political revolutions. However, despite these applications' ability to support social action, their use puts individual privacy at considerable risk. This is in large part due to the fact that the public sharing of personal information through social computing applications enables potentially unwanted inferences about users' identity, location, or other related personal information. This paper provides a systematic overview of the social inference problem. It highlights the public's and research community's general lack of awareness of the problem and associated risks to user privacy. A social inference risk prediction framework is presented and associated empirical studies that attest to its validity. This framework is then used to outline the major research and practical challenges that need to be addressed if we are to deploy effective social inference protection systems. Challenges examined include how to address the computational complexity of social inference risk modeling and designing user interfaces that inform users about social inference opportunities.
“…Denning and Morgenstern, pioneers in calculating the partial inference risk, employed classical information theory to measure the inference chance [3,25]. Given two data items x and y, let H(y) denote the entropy of y and H x (y) denote the entropy of y given x, where entropy is as defined in information theory.…”
Section: Previous Work On the Inference Problemmentioning
The widespread adoption of social computing applications is transforming our world. It has changed the way we routinely communicate and navigate our environment and enabled political revolutions. However, despite these applications' ability to support social action, their use puts individual privacy at considerable risk. This is in large part due to the fact that the public sharing of personal information through social computing applications enables potentially unwanted inferences about users' identity, location, or other related personal information. This paper provides a systematic overview of the social inference problem. It highlights the public's and research community's general lack of awareness of the problem and associated risks to user privacy. A social inference risk prediction framework is presented and associated empirical studies that attest to its validity. This framework is then used to outline the major research and practical challenges that need to be addressed if we are to deploy effective social inference protection systems. Challenges examined include how to address the computational complexity of social inference risk modeling and designing user interfaces that inform users about social inference opportunities.
“…Another key direction of research involves role-based access control. For a sampling of relevant literature on these topics, see [34,71,97,106,165,193,194,195,291,294,295,320,324,325,384,410,411].…”
This paper reviews applications in computer science that decision theorists have addressed for years, discusses the requirements posed by these applications that place great strain on decision theory/social science methods, and explores applications in the social and decision sciences of newer decision-theoretic methods developed with computer science applications in mind. The paper deals with the relation between computer science and decision-theoretic methods of consensus, with the relation between computer science and game theory and decisions, and with "algorithmic decision theory."
“…27 Both the issue and the question are left open. There are several logic-based works, eg Sicherman/de Jonge/van de Riet (1983), Morgenstern (1987) and Bonatti/Kraus/Subrahmanian (1992). Yet their database model is very simple, in the sense that it lacks the Closed World Assumption, integrity constraints and update operations.…”
Abstract:The problem of enforcing confidentiality in the presence of integrity constraints in secure and, in particular, in multi level databases is still open. To enforce confidentiality the majority of previous works either advocates a violation of integrity or proposes pragmatically its preservation or restoration.In this work we argue that there can never be a trade-off between these two properties for integrity is a fundamental quality of every database, ie also a secure one. Confidentiality always implies a kind of distortion of the open database. We introduce a formally sound method for its enforcement which relies on aliases, ie, additional tuples the only purpose of which is the preservation of integrity of both the open database and each distortion of it.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.