7th European Symposium on Research in Computer Security (ESORICS 2002)
Confidentiality Policies and Their Enforcement for Controlled Query Evaluation
Joachim Biskup, Piero A. Bonatti
Keywords : inference control, controlled query evaluation, confidentiality policy, potential secret, secrecy, refusal, lying, combined refusal and lying
Abstract : An important goal of security in information systems is confidentiality. A confidentiality policy specifies which users should be forbidden to acquire what kind of information, and a controlled query evaluation should enforce such a policy even if users are able to reason about a priori knowledge and the answers to previous queries. We put the following aspects into a unifying and comprehensive framework: formal models of confidentiality policies based on potential secrets or secrecies, user awareness of the policy instance, and enforcement methods applying either lying or refusal, or a combination of lying and refusal. Two new evaluation methods are introduced. Different approaches are systematically compared and evaluated.
Proceedings table of contents