Exact detection of information leakage: Decidability and complexity

Rada Chirkova*, Ting Yu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Citations (Scopus)

Abstract

Elaborate security policies often require organizations to restrict user data access in a fine-grained manner, instead of traditional table- or column-level access control. Not surprisingly, managing fine-grained access control in software is rather challenging. In particular, if access is not configured carefully, information leakage may happen: Users may infer sensitive information through the data explicitly accessible to them. In this paper we formalize this information-leakage problem, by modeling sensitive information as answers to “secret queries,” and by modeling access-control rules as views. We focus on the scenario where sensitive information can be deterministically derived by adversaries. We review a natural data-exchange based inference model for detecting information leakage, and show its capabilities and limitation. We then introduce and formally study a new inference model, view-verified data exchange, that overcomes the limitation for the query language under consideration. Our formal study provides correctness and complexity results for the proposed inference model in the context of queries belonging to a frequent realistic query type and common types of integrity constraints on the data.

Original languageEnglish
Title of host publicationTransactions on Large-Scale Data- and Knowledge- Centered Systems XXXII - Special Issue on Big Data Analytics and Knowledge Discovery
EditorsTakahiro Hara, Abdelkader Hameurlain, Josef Kung, Roland Wagner, Sanjay Madria
PublisherSpringer Verlag
Pages1-23
Number of pages23
ISBN (Print)9783662556078
DOIs
Publication statusPublished - 2017
Event17th International Conference on Big Data Analytics and Knowledge Discovery, DaWaK 2015 - Valencia, Spain
Duration: 1 Sept 20154 Sept 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10420 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th International Conference on Big Data Analytics and Knowledge Discovery, DaWaK 2015
Country/TerritorySpain
CityValencia
Period1/09/154/09/15

Keywords

  • Data exchange
  • Information leakage
  • Privacy and security in data-intensive systems

Fingerprint

Dive into the research topics of 'Exact detection of information leakage: Decidability and complexity'. Together they form a unique fingerprint.

Cite this