Abstract
The problem of enforcing confidentiality in the presence of integrity constraints in secure and, in particular, in multi level databases is still open. To enforce confidentiality the majority of previous works either advocates a violation of integrity or proposes pragmatically its preservation or restoration. In this work we argue that there can never be a trade-off between these two properties for integrity is a fundamental quality of every database, ie also a secure one. Confidentiality always implies a kind of distortion of the open database. We introduce a formally sound method for its enforcement which relies on aliases, ie, additional tuples the only purpose of which is the preservation of integrity of both the open database and each distortion of it.
Chapter PDF
5. References
Bonatti, Piero, Sarit Kraus and V.S. Subrahmanian. (1992) ‘Declarative Foundations of Secure Deductive Databases’. Ed Joachim Biskup and Richard Hull. 4th International Conference on Database Theory — ICDT’92. LNCS, vol 646. Berlin, Heidelberg: Springer-Verlag. pp 391–406. [Also in: IEEE Transactions on Knowledge and Data Engineering 7.3 (1995):406–422.]
Burns, Rae K. (1988) ‘An Application Perspective on DBMS Security Policies’. Ed Teresa F. Lunt. Research Directions in Database Security. 1st RADC Database Security Invitational Workshop 1988. New York et al: Springer-Verlag, 1992. pp 227–233.
—. (1990a) ‘Referential Secrecy’. 1990 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press. pp 133–142
—. (1990b) ‘Integrity and Secrecy: Fundamental Conflicts in the Database Environment’. Ed Bhavani Thuraisingham. 3rd RADC Database Security Workshop 1990. Bedford, Massachussets: Mitre, 1991. pp 37–40.
Cremers, Armin B., Ulrike Griefahn and Ralf Hinze. (1994) Deduktive Datenbanken. Braunschweig: Vieweg.
Das, Subrata Kumar. (1992) Deductive Databases and Logic Programming. Wokingham, England: Addison-Wesley.
Denning, Dorothy E., Teresa F. Lunt, Roger R. Schell, Mark Heckman and William R. Shockley. (1987) ‘A Multilevel Relational Data Model’. 1987 IEEE Symposium on Security and Privacy. IEEE Computer Society Press. pp 220–234.
Gajnak, George E. (1988) ‘Some Results from the Entity/Relationship Multilevel Secure DBMS Project’. Ed Teresa F. Lunt. Research Directions in Database Security. 1st RADC Database Security Invitational Workshop 1988. New York et al: Springer-Verlag, 1992. pp 173–190.
Garvey, Thomas D., and Teresa F. Lunt. (1991b) ‘Cover Stories for Database Security’. Ed Carl E. Landwehr and Sushil Jajodia. Database Security V. IFIP WG11.3 Workshop on Database Security 1991. Amsterdam: North-Holland, 1992. pp 363–380.
Haigh, J. Thomas, Richard C. O’Brien and Dan J. Thomsen. (1990) ‘The LDV Secure Relational DBMS Model’. Ed Sushil Jajodia and Carl E. Landwehr. Database Security IV. IFIP WG11.3 Workshop on Database Security 1990. Amsterdam: North-Holland, 1991. pp 265–279.
—, —, Paul D. Stachour and D.L. Toups. (1989) ‘The LDV Approach to Database Security’. Ed David L. Spooner and Carl E. Landwehr. Database Security III. IFIP WG11.3 Workshop on Database Security 1989. Amsterdam: North-Holland, 1990. pp 323–339.
Jajodia, Sushil, and Ravi S. Sandhu. (1991) ‘Enforcing Primary Key Requirements in Multilevel Relations’. Ed Rae K. Burns. Research Directions in Database Security IV. 4th RADC Multilevel Database Security Workshop 1991. Bedford, Massachussets: Mitre, 1992. pp 67–73.
Landwehr, Carl E. (1981) ‘Formal Models for Computer Security’. ACM Computing Surveys 13.3:247–278.
Maimone, Bill, and Richard Alien. (1991) ‘Methods for Resolving the Security vs. Integrity Conflict’. Ed Rae K. Burns. Research Directions in Database Security IV. 4th RADC Multilevel Database Security Workshop 1991. Bedford, Massachussets: Mitre, 1992. pp 55–59.
Meadows, Catherine, and Sushil Jajodia. (1987) ‘Integrity Versus Security In Multi-Level Secure Databases’. Ed Carl E. Landwehr. Database Security. IFIP WG11.3 Initial Meeting 1987. Amsterdam: North-Holland, 1988. pp 89–101.
Morgenstern, Matthew. (1987) ‘Security and Inference in Multilevel Database and Knowledge-Base Systems’. 1987 ACM SIGMOD Conference / SIGMOD Record 16.3:357–373.
—. (1988) ‘Controlling Logical Inference in Multilevel Database Systems’. 1988 IEEE Symposium on Security and Privacy. IEEE Computer Society Press. pp 245–255.
Qian, Xiaolei. (1994) ‘Inference Channel-Free Integrity Constraints in Multilevel Relational Databases’. 1994 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press. pp 158–167.
Reiter, Raymond. (1984) ‘Towards a Logical Reconstruction of Relational Database Theory’. Ed Michael L. Brodie, John Mylopoulos and Joachim W. Schmidt. On Conceptual Modeling. New York: Springer-Verlag. pp 191–238.
Sandhu, Ravi S., and Sushil Jajodia. (1993) ‘Referential Integrity in Multilevel Secure Databases’. 16th National Computer Security Conference. NIST/NCSC. pp 39–52.
Sicherman, George L., Wiebren de Jonge and Reind P. van de Riet. (1983) ‘Answering Queries Without Revealing Secrets’. ACM Transactions on Database Systems 8.1:41–59.
Spalka, Adrian, and Armin B. Cremers. (1997) ‘Structured name-spaces in secure databases’. Ed T. Y. Lin and Shelly Qian. Database Security XI. IFIP TC11 WG11.3 Conference on Database Security. London at al: Chapman & Hall, 1998. pp 291–306.
—, —. (1999) ‘The effect of confidentiality on the structure of databases’. Database Security XIII. IFIP TC11 WG11.3 Conference on Database Security.
Stachour, Paul D. (1988) ‘LOCK Data Views’. Ed Teresa F. Lunt. Research Directions in Database Security. 1st RADC Database Security Invitational Workshop 1988. New York et al: Springer-Verlag, 1992. pp 63–80.
—. (1989) ‘SCTC Technical Note: Organizing Secure Applications “by Name”’. Ed Teresa F. Lunt. Research Directions in Database Security II. 2nd RADC Database Security Workshop 1989. Menlo Park, CA: SRI.
Thuraisingham, Bhavani M. (1991) ‘A Nonmonotonic Typed Multilevel Logic for Multilevel Secure Data/Knowledge Base Management Systems’. The Computer Security Foundations Workshop IV. IEEE Computer Society Press. pp 127–138.
—. (1992) ‘A Nonmonotonic Typed Multilevel Logic for Multilevel Secure Data/Knowledge Base Management Systems — II’. The Computer Security Foundations Workshop V. IEEE Computer Society Press. pp 135–146.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Kluwer Academic Publishers
About this chapter
Cite this chapter
Spalka, A., Cremers, A.B. (2002). Confidentiality vs Integrity in Secure Databases. In: Thuraisingham, B., van de Riet, R., Dittrich, K.R., Tari, Z. (eds) Data and Application Security. IFIP International Federation for Information Processing, vol 73. Springer, Boston, MA. https://doi.org/10.1007/0-306-47008-X_18
Download citation
DOI: https://doi.org/10.1007/0-306-47008-X_18
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7514-2
Online ISBN: 978-0-306-47008-0
eBook Packages: Springer Book Archive