IEICE Transactions on Information and Systems

IEICE Transactions on Information and Systems 2005 E88-D(12):2767-2776; doi:10.1093/ietisy/e88-d.12.2767

This Article Full Text (PDF) References Alert me when this article is cited Alert me if a correction is posted Services Email this article to a friend Similar articles in this journal Alert me to new issues of the journal Add to My Personal Archive Download to citation manager Request Permissions Google Scholar Articles by ISHIHARA, Y. Articles by FUJIWARA, T. Search for Related Content Social Bookmarking          What's this?

Copyright © 2005 The Institute of Electronics, Information and Communication Engineers

Regular Section -- Papers -- Database

Security against Inference Attacks on Negative Information in Object-Oriented Databases^*

Yasunori ISHIHARA¹, Shuichiro AKO^1,2 and Toru FUJIWARA¹

¹ The authors are with the Graduate School of Information Science and Technology, Osaka University, Suita-shi, 565-0871 Japan. E-mail: ishihara{at}ist.osaka-u.ac.jp, ² Presently, with Japan Patent Office.

Inference attacks mean that a user derives information on the execution results of unauthorized queries from the execution results of authorized queries. Most of the studies on inference attacks so far have focused on only inference of positive information (i.e., what value is the execution result of a given unauthorized query). However, negative information (i.e., what value is never the execution result of a given unauthorized query) is also sensitive in many cases. This paper presents the following results on the security against inference attacks on negative information in object-oriented databases. First, inference of negative information is formalized under a model of object-oriented databases called method schemas. Then, the following two types of security problems are defined: (1) Is a given database instance secure against inference attacks on given negative information? (2) Are all of the database instances of a given database schema secure against inference attacks on given negative information? It is shown that the first problem is decidable in polynomial time in the description size of the database instance while the second one is undecidable. A decidable sufficient condition for any database instance of a given database schema to be secure is also proposed. Finally, it is shown that for a monadic schema (i.e., every method has exactly one parameter), this sufficient condition is also a necessary one.

Key Words: object-oriented database, authorization, inference attack, negative information

---

Manuscript received August 30, 2004. Manuscript revised June 2, 2005.

^* A preliminary version of this paper was presented at the 4th International Conference on Information and Communications Security (ICICS'02) [10].

CiteULike    Connotea    Del.icio.us    What's this?

Online ISSN 1745-1361 - Print ISSN 0916-8532

Copyright © 2008 IEICE

Oxford Journals Oxford University Press

• Site Map
• Privacy Policy
• Frequently Asked Questions

Other Oxford University Press sites: Oxford University Press Oxford Journals Japan American National Biography Booksellers' Information Service Children's Fiction and Poetry Children's Reference Corporate & Special Sales Dictionaries Dictionary of National Biography Digital Reference English Language Teaching Higher Education Textbooks Humanities International Education Unit Law Medicine Music Online Products Oxford English Dictionary Reference Rights and Permissions Science School Books Social Sciences Very Short Introductions World's Classics