Publication Type
Journal Article
Version
acceptedVersion
Publication Date
4-2010
Abstract
Inference has been a longstanding issue in database security, and inference control, aiming to curb inference, provides an extra line of defense to the confidentiality of databases by complementing access control. However, in traditional inference control architecture, database server is a crucial bottleneck, as it enforces highly computation-intensive auditing for all users who query the protected database. As a result, most auditing methods, though rigorously studied, are not practical for protecting large-scale real-world database systems. In this paper, we shift this paradigm by proposing a new inference control architecture, entrusting inference control to each user's platform that is equipped with trusted computing technology. The trusted computing technology is designed to attest the state of a user's platform to the database server, so as to assure the server that inference control could be enforced as prescribed. A generic protocol is proposed to formalize the interactions between the user's platform and database server. The authentication property of the protocol is formally proven. Since inference control is enforced in a distributed manner, our solution avoids the bottleneck in the traditional architecture, thus can potentially support a large number of users making queries.
Keywords
Inference control, trusted computing, database, auditing, security protocol
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Dependable and Secure Computing
Volume
7
Issue
2
First Page
189
Last Page
202
ISSN
1545-5971
Identifier
10.1109/TDSC.2008.70
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Citation
YANG, Yanjiang; LI, Yingjiu; DENG, Robert H.; and BAO, Feng.
Shifting inference control to user side: Architecture and protocol. (2010). IEEE Transactions on Dependable and Secure Computing. 7, (2), 189-202.
Available at: https://ink.library.smu.edu.sg/sis_research/4919
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TDSC.2008.70