Exact detection of information leakage: Decidability and complexity

Rada Chirkova, Ting Yu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Elaborate security policies often require organizations to restrict user data access in a fine-grained manner, instead of traditional table- or column-level access control. Not surprisingly, managing fine-grained access control in software is rather challenging. In particular, if access is not configured carefully, information leakage may happen: Users may infer sensitive information through the data explicitly accessible to them. In this paper we formalize this information-leakage problem, by modeling sensitive information as answers to “secret queries,” and by modeling access-control rules as views. We focus on the scenario where sensitive information can be deterministically derived by adversaries. We review a natural data-exchange based inference model for detecting information leakage, and show its capabilities and limitation. We then introduce and formally study a new inference model, view-verified data exchange, that overcomes the limitation for the query language under consideration. Our formal study provides correctness and complexity results for the proposed inference model in the context of queries belonging to a frequent realistic query type and common types of integrity constraints on the data.

Original languageEnglish
Title of host publicationTransactions on Large-Scale Data- and Knowledge- Centered Systems XXXII - Special Issue on Big Data Analytics and Knowledge Discovery
PublisherSpringer Verlag
Pages1-23
Number of pages23
ISBN (Print)9783662556078
DOIs
Publication statusPublished - 1 Jan 2017
Event17th International Conference on Big Data Analytics and Knowledge Discovery, DaWaK 2015 - Valencia, Spain
Duration: 1 Sep 20154 Sep 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10420 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other17th International Conference on Big Data Analytics and Knowledge Discovery, DaWaK 2015
CountrySpain
CityValencia
Period1/9/154/9/15

    Fingerprint

Keywords

  • Data exchange
  • Information leakage
  • Privacy and security in data-intensive systems

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Chirkova, R., & Yu, T. (2017). Exact detection of information leakage: Decidability and complexity. In Transactions on Large-Scale Data- and Knowledge- Centered Systems XXXII - Special Issue on Big Data Analytics and Knowledge Discovery (pp. 1-23). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10420 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-662-55608-5_1