A systematic literature review of inference strategies Online publication date: Mon, 23-Aug-2010
by Philip Woodall, Pearl Brereton
International Journal of Information and Computer Security (IJICS), Vol. 4, No. 2, 2010
Abstract: Access controls are not sufficient to prevent the release of secret information from an information system unless they address the problem of inference. An inference strategy is a method by which a user can infer secret information using the information which they are allowed to access through the access control mechanism. The aim of this paper is to collate and categorise the set of inference strategies in the existing literature. The systematic literature review (SLR) methodology is used to identify and categorise known inference strategies. The SLR search found 63 sources, and 127 inference strategies were extracted from these sources, which have been categorised into 11 different categories. Recording the inference strategy processes has abstracted the detail which ties inference strategies to an information system. Using this abstraction, it should be feasible to determine the level of inference protection offered by information systems in general.
Online publication date: Mon, 23-Aug-2010
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information and Computer Security (IJICS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email firstname.lastname@example.org