Title

New Paradigm of Inference Control with Trusted Computing

Publication Type

Conference Proceeding Article

Publication Date

11-2006

Abstract

The database server is a crucial bottleneck in traditional inference control architecture, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, can never be implemented in practice for protecting largescale real-world database systems. To shift this paradigm, we propose a new inference control architecture that will entrust inference control to each users platform, provided that the platform is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a users platform to the database server, so as to assure the server that inference control could be enforced as expected. A generic protocol is proposed to formalize the interactions between the users platform and database server. Any existing inference control technique can work with our protocol, for which the security properties are formally proven. Since each user’s platform enforces inference control for its own queries, our solution avoids the bottleneck.

Keywords

Inference control, trusted computing, auditing, security protocol

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Data and Applications Security XXI: 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, July 8-11, 2007: Proceedings

Volume

4602

First Page

243

Last Page

258

ISBN

9783540735380

Identifier

10.1007/978-3-540-73538-0_18

Publisher

Springer Verlag

City or Country

Redondo Beach, CA

Additional URL

http://dx.doi.org/10.1007/978-3-540-73538-0_18