Skip to main content
SpringerLink
Log in

Binary integrity constraints against confidentiality

  • Relational and Extended Relational Approaches
  • Conference paper
  • First Online:
Database and Expert Systems Applications (DEXA 1996)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1134))

Included in the following conference series:

  • 146 Accesses

Abstract

Any protection mechanism opens an unexpected channel of communication, the so-called covert channel. The Integrity Checker of a database is a protection mechanism, against data inconsistencies. As such, it opens a covert channel which can be used to thwart the mechanism which ensures confidentiality. Therefore, confidential data can be unveiled leading to a « the more semantic, the less secure » contradiction. The paper studies this contradiction in strictly defined situations: confidentiality is of discretionary type, consistency is ensured by binary integrity constraints and data of the database are the only knowledge used. The approach is relational. The expressive power of the relational model makes it possible to express both the formal properties on which unveilings are grounded and their computation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aho, A.V, Ullman, J.D, Universality of data retrieval languages, Proc. 6th ACM symposium on principles programming languages, 1979, San Antonio.

    Google Scholar 

  2. Bancilhon, F., Spyratos, N., Protection of Information in Relational Data Bases, VLDB, 1977.

    Google Scholar 

  3. Bancilhon, F., On the completeness of query languages, Proc. 7th Symposium on Math. Foundations of Computer Science., Zakopane, Poland, 1978.

    Google Scholar 

  4. Bertino, E., Weigand, H., An Approach to Authorisation Modelling in Object Oriented Database Systems, Data &Knowledge Engineering, volume 12, Number 1, February 1994.

    Google Scholar 

  5. Bussolati, U., Fugini, M.G, Martella, G., A Conceptual Framework for Security System Design, Proc. 9th IFIP World Conf., Paris, September 1983.

    Google Scholar 

  6. Castano, S., Fugini, M., Giancarlo, M., Pierangela, S., Database Security, Addison Wesley, 1994.

    Google Scholar 

  7. Delannoy, X., La Cohérence dans les Bases de Données, Research Report RR-936I, University of Grenoble (France), IMAG-TIMC Lab., November 1994.

    Google Scholar 

  8. Delannoy, X., The tension between transition rules and confidentiality, Research Report, University of Grenoble (France), IMAG-TIMC Lab., January 1996.

    Google Scholar 

  9. Delannoy, X., Understanding the Tension Between Transition Rules and Confidentiality, 14th British National Conference On Databases (BNCOD), 1996.

    Google Scholar 

  10. Greffen, P., Apers, P., Integrity Control in Relational Database Systems — An Overview, Data & Knowledge Engineering, 10 (1993), p187–223, North Holland, 1993.

    Google Scholar 

  11. Griffiths, P., Bradford, W., An Authorisation Mechanism for a Relational Database System, ACM Transactions on Database Systems, Vol. 1, No. 3, page 242–255, September 1976.

    Article  Google Scholar 

  12. Fugini, M.G., Martella, G., ACTEN: A Conceptual Model for Security System Design, Computers and Security, Elsevier (North Holland), 3(3), 1984.

    Google Scholar 

  13. Ingres manuals, Release 4.55, Computer Associate, 1993.

    Google Scholar 

  14. Manna, Z., Pnueli, A., The Temporal Logic of Reactive and Concurrent Systems — Specification-, Springer-Verlag, 1991.

    Google Scholar 

  15. Mazumdar, S., Stemple, D., Shread, T., Resolving the Tension between Integrity and Security Using a Theorem Prover, ACM SIGMOD, 1988.

    Google Scholar 

  16. Melton, J., Personal correspondence with Jim Melton, Senior Architect of Standards for Sybase Corp. and Editor of the ISO SQL-92 and emerging SQL-3 standards, December 1995.

    Google Scholar 

  17. Morgenstern, M., Security and Inference in Multilevel Database and Knowledge-Based Systems, Proceedings of Association for Computing Machinery Special Interest Group on Management of Data, 1987.

    Google Scholar 

  18. Oracle Manuals, Release 7, Oracle Corp., 1995.

    Google Scholar 

  19. Paradeans, J., On the expressive power of relational algebra, Inf. Processing Letter, 1978.

    Google Scholar 

  20. Information Technology — Database Language SQL, Third Edition, ISO/IEC 9075 (and 1994 addendum), 1992.

    Google Scholar 

  21. Database Language SQL (SQL3), ISO-ANSI Working Draft, ANSI TC X3H2, ISO/IEC JTC 1/SC 21/WG 3, August 1994.

    Google Scholar 

  22. Wiseman, S., On the Problem of Security in Data Bases, Database Security III, Status and Prospects, Results of the IFIP WG 11.3 Workshop on Database Security, September 1989.

    Google Scholar 

  23. Wiseman, S., Control of Confidentiality in Databases, Computers and Security, Vol. 9, No.6, Ocotber 1990.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratoire TMC-IMAG, Faculté de Médecine de Grenoble, 38706, La Tronche Cedex, France

    X. C. Delannoy

  2. CERTAL, INALCO - CNRS, 73 rue Broca, 75013, Paris, France

    C. Del Vigna

Authors
  1. X. C. Delannoy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. C. Del Vigna
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Roland R. Wagner Helmut Thoma

Rights and permissions

Reprints and permissions

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Delannoy, X.C., Del Vigna, C. (1996). Binary integrity constraints against confidentiality. In: Wagner, R.R., Thoma, H. (eds) Database and Expert Systems Applications. DEXA 1996. Lecture Notes in Computer Science, vol 1134. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0034687

Download citation

  • DOI: https://doi.org/10.1007/BFb0034687

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61656-6

  • Online ISBN: 978-3-540-70651-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation