Wednesday, October 6th, from 14:00 to 15:00
Room 2006, 20F, NII
Logical Requirements for Database Security
Confidentiality (in other contexts also called privacy or secrecy) of data
in a database is a universal security goal: A user interacting with the
database may not be allowed to access some of the data. Traditional
access rights / access control are conjectured to
fail to achieve confidentiality as they do not consider deductive
reasoning of users: A user may possess knowledge about the data in the
database and dependencies between them; hence the user might be able to
deduce facts beyond the data returned in database answers. The research
areas of Inference Control and Privacy-Preserving Query Answering fill
this gap.
In this talk, we present some Inference Control approaches in the
logic-based framework of Controlled Query Evaluation (CQE). We provide
logical models for the database, the secret data and the user profiles,
and we logically axiomatize the deductions of users. We present methods
that either compute static "inference-free" views of a database or
dynamically control database answers at runtime.
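
The inference problem described in the abstract, as an added example that is not part of the talk or the speaker's material: a propositional database where plain access control leaks a secret through the user's a priori knowledge, next to a refusal-style censor that checks entailment before answering. The atom names, the database instance, `naive_acl` and `RefusalCensor` are constructed for illustration, and the refusal rule is one assumed form of dynamic control.

```python
from itertools import product

# Constructed propositional vocabulary and database instance (assumptions).
ATOMS = ("insured", "treated_oncology", "has_cancer")
DB = {"insured": True, "treated_oncology": True, "has_cancer": True}

def atom(name):
    return lambda world: world[name]

def neg(f):
    return lambda world: not f(world)

def implies(f, g):
    return lambda world: (not f(world)) or g(world)

def entails(formulas, goal):
    """Brute-force check: goal holds in every world satisfying all formulas."""
    for values in product((False, True), repeat=len(ATOMS)):
        world = dict(zip(ATOMS, values))
        if all(f(world) for f in formulas) and not goal(world):
            return False
    return True

def naive_acl(db, secrets, prior, queries):
    """Blocks only queries that name a secret; returns what the user then knows."""
    known = list(prior)
    for q in queries:
        if q not in secrets:
            known.append(q if q(db) else neg(q))
    return known

class RefusalCensor:
    """Hypothetical runtime censor: refuses when either answer would leak."""
    def __init__(self, db, secrets, prior):
        self.db, self.secrets = db, secrets
        self.log = list(prior)  # a priori knowledge plus answers given so far

    def leaks(self, extra):
        return any(entails(self.log + [extra], s) for s in self.secrets)

    def ask(self, query):
        if entails(self.log, query) or entails(self.log, neg(query)):
            return query(self.db)  # already deducible, reveals nothing new
        # Test both possible answers so a refusal does not depend on the true value.
        if self.leaks(query) or self.leaks(neg(query)):
            return "refused"
        answer = query(self.db)
        self.log.append(query if answer else neg(query))
        return answer

INSURED, TREATED, CANCER = atom("insured"), atom("treated_oncology"), atom("has_cancer")
RULE = implies(TREATED, CANCER)  # what the user knows about data dependencies
```

With `CANCER` as the secret and `RULE` as prior knowledge, `naive_acl` answers the `TREATED` query and the user can then deduce the secret, while `RefusalCensor` answers `INSURED` and refuses `TREATED`.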