Inference-usability confinement by maintaining inference-proof views of an information system Online publication date: Mon, 22-Sep-2014
by Joachim Biskup
International Journal of Computational Science and Engineering (IJCSE), Vol. 7, No. 1, 2012
Abstract: Extending traditional access control and complementing emerging usage control, inference-usability confinement aims at customising sensitive data to be returned to a client in such a way that the manipulated items are still useful for the recipient but do not enable any usage beyond the intended ones. In the context of a logic-oriented information system, a confinement mechanism generates an inference-proof view of the actually stored instance(s) while interacting with a client. We survey our specific approach to policy-driven inference-usability confinement for a server-client architecture, discussing various parameters and the resulting confinement mechanisms. Basically, the confinement is achieved by enforcing an invariant of the following kind: at any point in time, the information content of the data available to a client does not violate any protection requirement expressed by a declarative confidentiality policy. In this context, the information content of data and, accordingly, the inference-proofness of such data crucially depend on the client's a priori knowledge, general reasoning capabilities and awareness of the confinement mechanism.
Online publication date: Mon, 22-Sep-2014
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Computational Science and Engineering (IJCSE):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com