DB-inferences - Introduction to Database Security - Lecture Slides, Slides of Network security

The key points covered in the context of database security are: DB-Inferences, Definition, Inference Problem, Examples, Inferring Prohibited, Inference Channel, Database, Classification, Lower Classification

Typology: Slides

2012/2013

Uploaded on 04/22/2013

sathiamoorthy

DB-Inferences

DB-Inferences

  • Definition
  • Inference problem
  • Examples

Definition

  • Inference involves indirect access
  • Example: A user has the privilege to view data X but not data Y. Both are in table T. If the query SELECT X FROM T WHERE Y = value produces any result, then the user has inferred something about Y
  • If a user attempts an insert and it is denied, the denial leads to inference

Definition

  • Inference could also result from correlated data, meaning that visible data is related to invisible data
  • Knowing the values t and k and being able to guess an unknown value z = t * k is inference
  • Estimating value of z requires reducing the degree of uncertainty for z. Reducing the uncertainty degree using results of authorized queries is also inference

Inference Problem

  • Inference from queries based on sensitive data
  • To overcome this problem polyinstantiation is used
  • Inference due to dependencies
  • Example: Employees are aware that salary is the same for each rank. An employee without permission to read salary can query the rank, which is not sensitive, and determine the salary because of its dependency on rank

Inference Problem

  • Inference could also result from value constraints
  • Example: Assume that attribute ‘A’ is Unclassified but attribute ‘B’ is Secret with the constraint A + B ≤ 20. B does not impact A but in a query, because of the constraint, it may only pick up certain values of A, thus creating an inference channel

Inference Problem

  • Formula:

$$\mathrm{INFER}(x \rightarrow y) = \frac{H(y) - H_x(y)}{H(y)}$$

  • Function INFER takes on values from 0 to 1
  • Value 0 corresponds to no inference
  • Value 1 corresponds to full inference
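
Added example (not part of the original slides): the INFER measure above computed over a small constructed employee table, tying it to the rank/salary dependency from the earlier slide. It assumes H is Shannon entropy estimated from the rows and H_x(y) is the entropy of y that remains once x is known; the column names, sample rows and helper functions are made up for this illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample rows (not from the slides): salary is fixed by rank,
# unrelated to dept, and only partly related to floor.
EMPLOYEES = [
    {"rank": "junior", "dept": "A", "floor": 1, "salary": 40000},
    {"rank": "junior", "dept": "B", "floor": 1, "salary": 40000},
    {"rank": "senior", "dept": "A", "floor": 1, "salary": 60000},
    {"rank": "senior", "dept": "B", "floor": 2, "salary": 60000},
]

def entropy(values):
    """Shannon entropy in bits of the empirical distribution of values."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())

def conditional_entropy(rows, x, y):
    """H_x(y): entropy of column y averaged over each known value of column x."""
    groups = defaultdict(list)
    for row in rows:
        groups[row[x]].append(row[y])
    n = len(rows)
    return sum(len(g) / n * entropy(g) for g in groups.values())

def infer(rows, x, y):
    """INFER(x -> y) = (H(y) - H_x(y)) / H(y): 0 is no inference, 1 is full."""
    h_y = entropy([row[y] for row in rows])
    if h_y == 0:
        # Convention chosen for this example: a constant y has no
        # uncertainty left to remove, so report 0 instead of dividing by 0.
        return 0.0
    return (h_y - conditional_entropy(rows, x, y)) / h_y

if __name__ == "__main__":
    # Score each visible (non-sensitive) column against the sensitive one.
    for visible in ("rank", "dept", "floor"):
        score = infer(EMPLOYEES, visible, "salary")
        print(f"INFER({visible} -> salary) = {score:.3f}")
```

A visible column that scores close to 1 against a sensitive column marks a dependency of the kind the slides describe, where the relationship itself has to be classified.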

Inference Problem

  • Another approach to preventing this problem is to identify relationships between attributes, objects and abstract classes. Any of these relationships can be classified.
  • In the previous example, to hide the relationship between employee and salary, one needs to classify that relationship

Inference Problem

  • It is good to keep this problem in mind for developing security policy rather than for classifying data
  • Mazumdar, Stemple and Sheard developed in 1988 a theorem prover approach to check for inference channels
  • Mazumdar et al. use a method to see if a set of predefined secrets can be derived from the database integrity constraints

Inference Problem

  • The Lock Data Views (LDV) model uses classification constraints to prevent the inference problem
  • In LDV model, classification constraints are defined on sets of data according to the level of information that can be inferred from the data
  • Given a query, the result is upgraded to the appropriate level according to the classification constraints

Inference Problem

  • In the SeaView system, data is stored high and selectively downgraded according to the requester’s past access history
  • In LDV system, data is stored low and access to it is selectively restricted based on its access by low users
  • Another type of inference problem is “data association.” Two separate pieces of data may not be sensitive, but combined they are sensitive

Inference Problem

  • Example: Employee name and salary are not sensitive independently, but they become sensitive when they are associated
  • The inference problem is closely related to statistical database security

Example

Unclassified user query results in the following table:

Flight ID   Cargo Hold   Contents   Classification
1254        A            Boots      Unclassified
1254        B            Guns       Unclassified
1254        D            Butter     Unclassified

An unclassified user wants to ship an item using cargo hold C. Rejecting the use of cargo hold C produces an inference channel.

Example

BSD Table

                   Dept-Code
Birth-Year   Sex   Dept1   Dept2   Dept
1941-1951    M     10      12      0
             F     1       0       3
1952-1962    M     12      10      5
             F     20      2       8
1962         M     15      0       1
             F     20      10      0