Skip to main content
SpringerLink
Log in
Book cover

International Conference on Risks and Security of Internet and Systems

CRiSIS 2019: Risks and Security of Internet and Systems pp 69–83Cite as

Inference Control in Distributed Environment: A Comparison Study

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12026))

Abstract

Traditional access control models aim to prevent data leakage via direct accesses. A direct access occurs when a requester performs his query directly into the desired object, however these models fail to protect sensitive data from being accessed with inference channels. An inference channel is produced by the combination of a legitimate response which the user receives from the system and metadata. Detecting and removing inference in database systems guarantee a high quality design in terms of data secrecy and privacy. Parting from the fact that data distribution exacerbates inference problem, we give in this paper a survey of the current and emerging research on the inference problem in both centralized and distributed database systems and highlighting research directions in this field.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Akeel, F., Fathabadi, A.S., Paci, F., Gravell, A., Wills, G.: Formal modelling of data integration systems security policies. Data Sci. Eng. 1(3), 139–148 (2016)

    Google Scholar 

  2. Akeel, F.Y., Wills, G.B., Gravell, A.M.: Exposing data leakage in data integration systems. In: 2014 9th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 420–425. IEEE (2014)

    Google Scholar 

  3. An, X., Jutla, D., Cercone, N.: Auditing and inference control for privacy preservation in uncertain environments. In: Havinga, P., Lijding, M., Meratnia, N., Wegdam, M. (eds.) EuroSSC 2006. LNCS, vol. 4272, pp. 159–173. Springer, Heidelberg (2006). https://doi.org/10.1007/11907503_12

    Chapter  Google Scholar 

  4. An, X., Jutla, D., Cercone, N.: Dynamic inference control in privacy preference enforcement. In: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, p. 24. ACM (2006)

    Google Scholar 

  5. Bahloul, S.N., Coquery, E., Hacid, M.S.: Access control to materialized views: an inference-based approach. In: Proceedings of the 2011 Joint EDBT/ICDT Ph. D. Workshop, pp. 19–24. ACM (2011)

    Google Scholar 

  6. Bahloul, S.N., Coquery, E., Hacid, M.S.: Securing materialized views: a rewriting-based approach. In: 29emes Journées BDA, pp. 1–25 (2013)

    Google Scholar 

  7. Biskup, J., Embley, D.W., Lochner, J.H.: Reducing inference control to access control for normalized database schemas. Inf. Process. Lett. 106(1), 8–12 (2008)

    Article  MathSciNet  Google Scholar 

  8. Biskup, J., Hartmann, S., Link, S., Lochner, J.-H.: Efficient inference control for open relational queries. In: Foresti, S., Jajodia, S. (eds.) DBSec 2010. LNCS, vol. 6166, pp. 162–176. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13739-6_11

    Chapter  Google Scholar 

  9. Biskup, J., Preuß, M., Wiese, L.: On the inference-proofness of database fragmentation satisfying confidentiality constraints. In: Lai, X., Zhou, J., Li, H. (eds.) ISC 2011. LNCS, vol. 7001, pp. 246–261. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24861-0_17

    Chapter  Google Scholar 

  10. Brodsky, A., Farkas, C., Jajodia, S.: Secure databases: constraints, inference channels, and monitoring disclosures. IEEE Trans. Knowl. Data Eng. 12(6), 900–919 (2000)

    Article  Google Scholar 

  11. Chang, L.W., Moskowitz, I.: A study of inference problems in distributed databases. In: Gudes, E., Shenoi, S. (eds.) Research Directions in Data and Applications Security. ITIFIP, vol. 128, pp. 191–204. Springer, Boston, MA (2003). https://doi.org/10.1007/978-0-387-35697-6_15

    Chapter  MATH  Google Scholar 

  12. Chen, Y., Chu, W.W.: Database security protection via inference detection. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, F.-Y. (eds.) ISI 2006. LNCS, vol. 3975, pp. 452–458. Springer, Heidelberg (2006). https://doi.org/10.1007/11760146_40

    Chapter  Google Scholar 

  13. Chen, Y., Chu, W.W.: Protection of database security via collaborative inference detection. In: Chen, H., Yang, C.C. (eds.) Intelligence and Security Informatics. SCI, vol. 135, pp. 275–303. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-69209-6_15

  14. Clifton, C., et al.: Privacy-preserving data integration and sharing. In: Proceedings of the 9th ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery, pp. 19–26. ACM (2004)

    Google Scholar 

  15. Cuzzocrea, A., Hacid, M.S., Grillo, N.: Effectively and efficiently selecting access control rules on materialized views over relational databases. In: Proceedings of the Fourteenth International Database Engineering & Applications Symposium, pp. 225–235. ACM (2010)

    Google Scholar 

  16. Delugach, H.S., Hinke, T.H.: Wizard: a database inference analysis and detection system. IEEE Trans. Knowl. Data Eng. 8(1), 56–66 (1996)

    Article  Google Scholar 

  17. Domingo-Ferrer, J.: Advances in inference control in statistical databases: an overview. In: Domingo-Ferrer, J. (ed.) Inference Control in Statistical Databases. LNCS, vol. 2316, pp. 1–7. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-47804-3_1

    Chapter  MATH  Google Scholar 

  18. Fan, W., Geerts, F., Li, J., Xiong, M.: Discovering conditional functional dependencies. IEEE Trans. Knowl. Data Eng. 23(5), 683–698 (2011)

    Article  Google Scholar 

  19. Farkas, C., Jajodia, S.: The inference problem: a survey. ACM SIGKDD Explor. Newslett. 4(2), 6–11 (2002)

    Article  Google Scholar 

  20. Guarnieri, M., Marinovic, S., Basin, D.: Securing databases from probabilistic inference. In: 2017 IEEE 30th Computer Security Foundations Symposium (CSF), pp. 343–359. IEEE (2017)

    Google Scholar 

  21. Haddad, M., Hacid, M.S., Laurini, R.: Data integration in presence of authorization policies. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 92–99. IEEE (2012)

    Google Scholar 

  22. Haddad, M., Stevovic, J., Chiasera, A., Velegrakis, Y., Hacid, M.-S.: Access control for data integration in presence of data dependencies. In: Bhowmick, S.S., Dyreson, C.E., Jensen, C.S., Lee, M.L., Muliantara, A., Thalheim, B. (eds.) DASFAA 2014. LNCS, vol. 8422, pp. 203–217. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-05813-9_14

    Chapter  Google Scholar 

  23. Hale, J., Shenoi, S.: Catalytic inference analysis: detecting inference threats due to knowledge discovery. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy, pp. 188–199. IEEE (1997)

    Google Scholar 

  24. Hinke, T.H.: Inference aggregation detection in database management systems. In: Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 96–106. IEEE (1988)

    Google Scholar 

  25. Hinke, T.H., Delugach, H.S.: AERIE: an inference modeling and detection approach for databases. In: Sixth Working Conference on Database Security, p. 187 (1992)

    Google Scholar 

  26. Hinke, T.H., Delugach, H.S., Wolf, R.P.: Protecting databases from inference attacks. Comput. Secur. 16(8), 687–708 (1997)

    Article  Google Scholar 

  27. Katos, V., Vrakas, D., Katsaros, P.: A framework for access control with inference constraints. In: 2011 IEEE 35th Annual Computer Software and Applications Conference (COMPSAC), pp. 289–297. IEEE (2011)

    Google Scholar 

  28. Landwehr, C., Jajodia, S.: The use of conceptual structures for handling the inference problem (1992)

    Google Scholar 

  29. de Mantaras, R.L., Saina, L.: Inference attacks in peer-to-peer homogeneous distributed data mining. In: 16th European Conference on Artificial Intelligence, ECAI 2004, 22–27 August 2004, Valencia, Spain: Including Prestigious Applicants [sic] of Intelligent Systems (PAIS 2004): Proceedings, vol. 110, p. 450. IOS Press (2004)

    Google Scholar 

  30. Morgenstern, M.: Controlling logical inference in multilevel database systems. In: Proceedings of the 1988 IEEE Symposium on Security and Privacy, pp. 245–255. IEEE (1988)

    Google Scholar 

  31. Nait-Bahloul, S., Coquery, E., Hacid, M.-S.: Authorization policies for materialized views. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds.) SEC 2012. IAICT, vol. 376, pp. 525–530. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30436-1_43

    Chapter  Google Scholar 

  32. Qian, X., Stickel, M.E., Karp, P.D., Lunt, T.F., Garvey, T.D.: Detection and elimination of inference channels in multilevel relational database systems. In: Proceedings of 1993 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 196–205. IEEE (1993)

    Google Scholar 

  33. Rath, S., Jones, D., Hale, J., Shenoi, S.: A tool for inference detection and knowledge discovery in databases. In: Spooner, D.L., Demurjian, S.A., Dobson, J.E. (eds.) Database Security IX. IAICT, pp. 317–332. Springer, Boston (1996). https://doi.org/10.1007/978-0-387-34932-9_20

    Chapter  Google Scholar 

  34. Sayah, T., Coquery, E., Thion, R., Hacid, M.-S.: Inference leakage detection for authorization policies over RDF data. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 346–361. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-20810-7_24

    Chapter  Google Scholar 

  35. Sellami, M., Gammoudi, M.M., Hacid, M.S.: Secure data integration: a formal concept analysis based approach. In: Decker, H., Lhotská, L., Link, S., Spies, M., Wagner, R.R. (eds.) DEXA 2014. LNCS, vol. 8645, pp. 326–333. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10085-2_30

    Chapter  Google Scholar 

  36. Sellami, M., Hacid, M.-S., Gammoudi, M.M.: Inference control in data integration systems. In: Debruyne, C., et al. (eds.) OTM 2015. LNCS, vol. 9415, pp. 285–302. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26148-5_17

    Chapter  Google Scholar 

  37. Shafer, G.: Detecting inference attacks using association rules (2001)

    Google Scholar 

  38. Staddon, J.: Dynamic inference control. In: Proceedings of the 8th ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery, pp. 94–100. ACM (2003)

    Google Scholar 

  39. Su, T.A., Ozsoyoglu, G.: Controlling FD and MVD inferences in multilevel relational database systems. IEEE Trans. Knowl. Data Eng. 3(4), 474–485 (1991)

    Article  Google Scholar 

  40. Thuraisingham, B.: Handling security constraints during multilevel database design. In: Burns, R. (ed.) Research Directions zn Database Securt (v, IV, Mitre Technical report, M92B0000 118, Mitre Corp., McLean, Va (1992)

    Google Scholar 

  41. Thuraisingham, B., Ford, W., Collins, M., O’Keeffe, J.: Design and implementation of a database inference controller. Data Knowl. Eng. 11(3), 271–297 (1993)

    Article  Google Scholar 

  42. Thuraisingham, M.: Security checking in relational database management systems augmented with inference engines. Comput. Secur. 6(6), 479–492 (1987)

    Article  Google Scholar 

  43. Toland, T.S., Farkas, C., Eastman, C.M.: The inference problem: maintaining maximal availability in the presence of database updates. Comput. Secur. 29(1), 88–103 (2010)

    Article  Google Scholar 

  44. Tracy, J., Chang, L., Moskowitz, I.S.: An agent-based approach to inference prevention in distributed database systems. Int. J. Artif. Intell. Tools 12(03), 297–313 (2003)

    Article  Google Scholar 

  45. di Vimercati, S.D.C., Foresti, S., Jajodia, S., Livraga, G., Paraboschi, S., Samarati, P.: Fragmentation in presence of data dependencies. IEEE Trans. Dependable Secure Comput. 11(6), 510–523 (2014)

    Article  Google Scholar 

  46. Wang, H., Liu, R.: Privacy-preserving publishing microdata with full functional dependencies. Data Knowl. Eng. 70(3), 249–268 (2011). https://doi.org/10.1016/j.datak.2010.11.002, http://www.sciencedirect.com/science/article/pii/S0169023X10001291

  47. Wang, J., Yang, J., Guo, F., Min, H.: Resist the database intrusion caused by functional dependency. In: 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), pp. 54–57. IEEE (2017)

    Google Scholar 

  48. Xu, X., Xiong, L., Liu, J.: Database fragmentation with confidentiality constraints: a graph search approach. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, pp. 263–270. ACM (2015)

    Google Scholar 

  49. Yang, Y., Li, Y., Deng, R.H.: New paradigm of inference control with trusted computing. In: Barker, S., Ahn, G.-J. (eds.) DBSec 2007. LNCS, vol. 4602, pp. 243–258. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73538-0_18

    Chapter  Google Scholar 

  50. Yip, R.W., Levitt, E.: Data level inference detection in database systems. In: 1998 Proceedings of 11th IEEE Computer Security Foundations Workshop, pp. 179–189. IEEE (1998)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Mathematical Physical and Natural Sciences of Tunis, SERCOM Laboratory, Tunis El Manar University, 1068, Tunis, Tunisia

    Adel Jebali & Abderrazak Jemai

  2. ESPRIT School of Engineering, Tunis, Tunisia

    Adel Jebali

  3. Faculty of Law Economics and Management of Jendouba, VPNC Laboratory, Jendouba University, 8189, Jendouba, Tunisia

    Salma Sassi

  4. Polytechnic School of Tunisia, SERCOM Laboratory, INSAT, Carthage University, 1080, Tunis, Tunisia

    Abderrazak Jemai

Authors
  1. Adel Jebali
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Salma Sassi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abderrazak Jemai
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Adel Jebali .

Editor information

Editors and Affiliations

  1. ReDCAD, University of Sfax, Sfax, Tunisia

    Slim Kallel

  2. IMT Atlantique, Lab-STICC, Université Bretagne Loire, Rennes, France

    Frédéric Cuppens

  3. IMT Atlantique, Lab-STICC, Université Bretagne Loire, Rennes, France

    Nora Cuppens-Boulahia

  4. ReDCAD, University of Sfax, Sfax, Tunisia

    Ahmed Hadj Kacem

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jebali, A., Sassi, S., Jemai, A. (2020). Inference Control in Distributed Environment: A Comparison Study. In: Kallel, S., Cuppens, F., Cuppens-Boulahia, N., Hadj Kacem, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2019. Lecture Notes in Computer Science(), vol 12026. Springer, Cham. https://doi.org/10.1007/978-3-030-41568-6_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-41568-6_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-41567-9

  • Online ISBN: 978-3-030-41568-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation