Confidentiality-Preserving Distributed Proofs of Conjunctive Queries (Extended Version)
نویسندگان
چکیده
Distributed proof construction protocols have been shown to be valuable for reasoning about authorization decisions in open distributed environments such as pervasive computing spaces. Unfortunately, existing distributed proof protocols offer only limited support for protecting the confidentiality of sensitive facts, which limits their utility in many practical scenarios. In this paper, we propose a distributed proof construction protocol in which the release of a fact’s truth value can be made contingent upon facts managed by other principals in the system. We formally prove that our protocol can safely prove conjunctions of facts without leaking the truth values of individual facts, even in the face of colluding adversaries and fact release policies with cyclical dependencies. This facilitates the definition of context-sensitive release policies that enable the conditional use of sensitive facts in distributed proofs.
منابع مشابه
Conjunctive Query Entailment: Decidable in Spite of O, I, and Q
We present a decidability result for entailment of conjunctive queries (CQs) in the very expressive Description Logic (DL) ALCHOIQb [1] by establishing finite representability of countermodels in the case of non-entailment. Our result also generalizes to unions of conjunctive queries and SHOIQ provided the query contains only simple roles, and we are confident that the technique extends to SROI...
متن کاملThe Constructive Method for Query Containment Checking ( extended version )
We present a new method that checks Query Containment for queries with negated derived atoms and/or integrity constraints. Existing methods for Query Containment checking that deal with these cases do not check actually containment but another related property called uniform containment, which is a sufficient but not necessary condition for containment. Our method can be seen as an extension of...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملPrivacy-Preserving Queries on Encrypted Data
Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically...
متن کاملContainment and Optimization of Object-Preserving Conjunctive Queries
In the optimization of queries in an object-oriented database system (OODB), a natural rst step is to use the typing constraints imposed by the schema to transform a query into an equivalent one that logically accesses a minimal set of objects. We study a class of queries for OODB's called conjunctive queries. Variables in a conjunctive query range over heterogeneous sets of objects. Consequent...
متن کامل