New Paradigm of Inference Control with Trusted Computing
Conference Proceeding Article
The database server is a crucial bottleneck in traditional inference control architecture, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, can never be implemented in practice for protecting largescale real-world database systems. To shift this paradigm, we propose a new inference control architecture that will entrust inference control to each users platform, provided that the platform is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a users platform to the database server, so as to assure the server that inference control could be enforced as expected. A generic protocol is proposed to formalize the interactions between the users platform and database server. Any existing inference control technique can work with our protocol, for which the security properties are formally proven. Since each user’s platform enforces inference control for its own queries, our solution avoids the bottleneck.
Inference control, trusted computing, auditing, security protocol
Information Security and Trust
Data and Applications Security XXI: 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, July 8-11, 2007: Proceedings
City or Country
Redondo Beach, CA
YANG, Yanjiang; LI, Yingjiu; and DENG, Robert H..
New Paradigm of Inference Control with Trusted Computing. (2006). Data and Applications Security XXI: 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, CA, July 8-11, 2007: Proceedings. 4602, 243-258. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/611