Detection and elimination of inference channels in multilevel relational database systems

Abstract

Multilevel relational database systems store information at different security classifications. An inference problem exists if it is possible for a user with a low-level clearance to draw conclusions about information at higher classifications. The authors are developing DISSECT, a tool for analyzing multilevel relational database schemas to assist in the detection and elimination of inference problems. A translation is defined from schemas to an equivalent graph representation, which can be presented graphically in DISSECT. The initial focus is on detection of inference problems that depend only on information all of which is stored in the database. In particular, potential inference problems are identified as different sequences of foreign key relationships that connect the same entities. Inferences can be blocked by upgrading the security classification of some of foreign key relationships. A global optimization approach to upgrading is suggested to block a set of inference problems that allows upgrade costs to be considered, and supports security categories as well as levels.< <ETX xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">></ETX>

Keywords

InferenceComputer scienceRelational databaseKey (lock)Set (abstract data type)GraphData miningTheoretical computer scienceDatabaseInformation retrievalRepresentation (politics)Artificial intelligenceProgramming languageComputer security

Affiliated Institutions

Related Publications

New spectral methods for ratio cut partitioning and clustering

L. Hagen , Andrew B. Kahng

Partitioning of circuit netlists in VLSI design is considered. It is shown that the second smallest eigenvalue of a matrix derived from the netlist gives a provably good approxi...

1992 IEEE Transactions on Computer-Aided D... 1245 citations

Communication Theory of Secrecy Systems*

Claude E. Shannon

THE problems of cryptography and secrecy systems furnish an interesting application of communication theory. <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="htt...

1949 Bell System Technical Journal 9088 citations

Performance of a cellular hybrid C/TDMA mobile radio system applying joint detection and coherent receiver antenna diversity

J.J. Blanz , A. Klein , M. Naßhan +1 more

For future mobile radio systems, an appropriately chosen multiple access technique is a critical issue. Multiple access techniques presently under discussion are code division m...

1994 IEEE Journal on Selected Areas in Com... 123 citations

Matched filter performance bounds for diversity combining receivers in digital mobile radio

M.V. Clark , L.J. Greenstein , W.K. Kennedy +1 more

By employing the technique known as the matched filter bound, the authors derive analytical expressions for the distribution and average of the bit-error-rate in an ideal space ...

1992 IEEE Transactions on Vehicular Techno... 93 citations

Consensus and Cooperation in Networked Multi-Agent Systems

R. Olfati-Saber , J.A. Fax , Richard M. Murray

<para xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> This paper provides a theoretical framework for analysis of consensus algorithms...

2007 Proceedings of the IEEE 10068 citations

Publication Info

Year: 2002
Type: article
Pages: 196-205
Citations: 55
Access: Closed

External Links

View on DOI.org

Social Impact

Altmetric

Detection and elimination of inference channels in multilevel relational database systems

PlumX Metrics

Social media, news, blog, policy document mentions

Citation Metrics

OpenAlex

Cite This

APA Style

                            
                                    Xiaolei Qian, 
                                
                                    M.E. Stickel, 
                                
                                    Peter D. Karp
                                
                                et al.
                            
                            (2002). 
                            Detection and elimination of inference channels in multilevel relational database systems. 
                            
                            , 196-205.
                            https://doi.org/10.1109/risp.1993.287632

Identifiers

DOI: 10.1109/risp.1993.287632