Abstract
Specifying a global policy in a data integration system in a traditional way would not necessarily offer a sound and efficient solution to deal with the inference problem [8]. This is mainly due to the fact that data dependencies (between distributed data sets) are not taken into account when local policies (attached to local sources) are defined. In this paper, by using formal concept analysis, we propose a methodology, together with a set of algorithms that can help to detect security breaches by reasoning about semantic constraints. Given a set of local policies, an initial global policy and data dependencies, we propose an approach that allows the security administrator to derive a set of queries so that when their results are combined they could lead to security breaches. We detect the set of additional rules which will be used to extend the policy of the mediator in order to block security breaches. We also discuss a set of experiments we conducted.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cuzzocrea, A., Hacid, M.-S., Grillo, N.: Effectively and efficiently selecting access control rules on materialized views over relational databases. In: International Database Engineering and Applications Symposium (IDEAS), pp. 225–235 (2010)
Denning, D.E., Schlorer, J.: Inference controls for statistical databases. Computer 16(7), 69–82 (1983)
De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Assessing query privileges via safe and efficient permission composition. In: ACM Conference on Computer and Communications Security, pp. 311–322 (2008)
Farkas, C., Jajodia, S.: The inference problem: A survey. SIGKDD Explor. Newsl. 4(2), 6–11 (2002)
Ganter, B., Wille, R.: Formal Concept Analysis: Mathematical Foundations, 1st edn. Springer-Verlag New York Inc., Secaucus (1997)
Goguen, J.A., Meseguer, J.: Unwinding and inference control. In: Proceedings of the 1984 IEEE Symposium on Security and Privacy, pp. 75–86. IEEE Computer Society (1984)
Haddad, M., Hacid, M.-S., Laurini, R.: Data integration in presence of authorization policies. In: 1th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2012, Liverpool, United Kingdom, June 25–27, pp. 92–99 (2012)
Haddad, M., Stevovic, J., Chiasera, A., Velegrakis, Y., Hacid, M.-S.: Access control for data integration in presence of data dependencies. In: Bhowmick, S.S., Dyreson, C.E., Jensen, C.S., Lee, M.L., Muliantara, A., Thalheim, B. (eds.) DASFAA 2014, Part II. LNCS, vol. 8422, pp. 203–217. Springer, Heidelberg (2014)
Fellegi, I.P., Phillips, J.L.: Statistical confidentiality: Some theory and application to data dissemination. In: Annals of Economic and Social Measurement, vol. 3(2), pp. 101–112. National Bureau of Economic Research, Inc. (1974)
Kumar, C., et al.: Designing role-based access control using formal concept analysis. Security and Communication Networks 6(3), 373–383 (2013)
Mouliswaran, S.C., Kumar, Ch., Chandrasekar, C., et al.: Modeling chinese wall access control using formal concept analysis. In: 2014 International Conference on Contemporary Computing and Informatics (IC3I), pp. 811–816. IEEE (2014)
Nait-Bahloul, S.: Inference of security policies on materialized views. rapport de master 2 recherche (2009). http://liris.cnrs.fr/~snaitbah/wiki
Özsu, M.T., Valduriez, P.: Principles of Distributed Database Systems, 3rd edn. Springer (2011)
Rizvi, S., Mendelzon, A.O., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: Weikum, G., König, A.C., Deßloch, S., (eds.) Proceedings of the ACM SIGMOD International Conference on Management of Data, Paris, France, June 13–18, pp. 551–562. ACM (2004)
Rosenthal, A., Sciore, E.: View security as the basis for data warehouse security. In: CAiSE Workshop on Design and Management of Data Warehouses, pp. 5–6 (2000)
Rosenthal, A., Sciore, E.: Administering permissions for distributed data: Factoring and automated inference. In: Proc. of IFIP WG11.3 Conf. (2001)
Schlörer, J.: Security of statistical databases: Multidimensional transformation. ACM Trans. Database Syst. 6(1), 95–112 (1981)
Sellami, M., Gammoudi, M.M., Hacid, M.S.: Secure data integration: a formal concept analysis based approach. In: Decker, H., Lhotská, L., Link, S., Spies, M., Wagner, R.R. (eds.) DEXA 2014, Part II. LNCS, vol. 8645, pp. 326–333. Springer, Heidelberg (2014)
Sobieski, Ś., Zieliński, B.: Modelling role hierarchy structure using the formal concept analysis. Annales UMCS Sectio AI Informatica 10, 143–159 (2015)
Su, T.-A., Özsoyoglu, G.: Data dependencies and inference control in multilevel relational database systems. In: Proceedings of the 1987 IEEE Symposium on Security and Privacy, Oakland, California, USA, April 27–29, pp. 202–211 (1987)
Wang, L., Jajodia, S., Wijesekera, D.: Lattice-based inference control in data cubes. In: Preserving Privacy in On-Line Analytical Processing (OLAP). AIS, pp. 119–145. Springer US (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Sellami, M., Hacid, MS., Gammoudi, M.M. (2015). Inference Control in Data Integration Systems. In: Debruyne, C., et al. On the Move to Meaningful Internet Systems: OTM 2015 Conferences. OTM 2015. Lecture Notes in Computer Science(), vol 9415. Springer, Cham. https://doi.org/10.1007/978-3-319-26148-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-26148-5_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26147-8
Online ISBN: 978-3-319-26148-5
eBook Packages: Computer ScienceComputer Science (R0)