Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Selected papers from the Third and Fourth Secure Data Management (SDM) workshops
Article type: Research Article
Authors: Böttcher, Stefan; * | Hartel, Rita
Affiliations: University of Paderborn, Computer Science, Fürstenallee 11, D-33102 Paderborn, Germany. E-mail: [email protected], [email protected]
Correspondence: [*] Corresponding author.
Abstract: We consider information disclosure caused by answering queries to an XML database. We introduce an audit framework to determine ‘suspicious’ user queries, i.e. those queries that returned results being sufficient to derive disclosed secret information. We describe secret information in form of a secret query and provide a formal definition of ‘suspicious’ user queries based on what we call ‘readset fragments’, i.e. XML fragments that have been read to produce certain query result nodes. Our approach performs two steps to detect ‘suspicious’ user queries. First, we analyze the structure of user queries and of the secret query to exclude ‘non-suspicious’ queries. Second, we derive a formula from user query, query result and secret query, which is satisfiable if and only if the query is ‘non-suspicious’.
Keywords: XML database, XPath, privacy, anti-inference, information disclosure
DOI: 10.3233/JCS-2009-0318
Journal: Journal of Computer Security, vol. 17, no. 1, pp. 69-99, 2009
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]