通知通告

德国多特蒙德工业大学Joachim Biskup教授学术报告通知

时间:2019年6月21日 | 来源:网络空间安全学院 | 作者:

报告人/SpeakerProf. Joachim Biskup, Technische Universität Dortmund, Germany(德国多特蒙德工业大学)

邀请人/Host王士林

时间/Time2019-06-28(星期五),14:00-15:00

地点/Venue软件大楼5号楼2楼5218

题目/Title: Strategies for Generating an Inference-Proof Database View

报告人简介/Brief Introduction of Speaker

Joachim Biskup received his diploma degree in mathematics from Technical University of Hannover in 1972 and his doctor’s degree in computer science from RWTH Aachen University in 1975. Since 1981 he has been a professor of computer science in the University of Dortmund. He has performed research in recursion and complexity theory, information systems with an emphasis on database schema design, query optimization and mediation, various aspects of security, in particular access control and inference control for enforcing confidentiality. He has joined the program committees of many international conferences, including ICDT, FoIKS, ESORICS and DBSec.

报告摘要/Abstract

This talk is based on joint work with P. Bonatti, L. Li, R. Menzel, M. Preuß, C.Tadros, L.Wiese etc.

Controlled Interaction Execution (CIE) is a long-term project to explore options under various settings to assist an information owner in enforcing his confidentiality requirements when communicating with an authorized partner. Besides dynamic ownerpartner interaction sequences, including query answering and update processing, generating a partner-specific view on the owner's data is a basic task of CIE. Such a view should be inference-proof regarding a confidentiality policy consisting of formally expressed prohibitions to learn a sensitive piece of information, equivalently of secrets to be kept hidden. Inference-proofness means that the original data -- hidden to the partner -- has been altered into a view observable by the partner such that (under some assumptions) all ways of rational reasoning to violate the policy have provably been blocked, even if the partner will exploit background knowledge including postulated a priori knowledge about the data application and the expected full awareness of the view generation algorithm. Hence, restricting to possibilistic policies, for each prohibition/secret S there exists possible alternative data that does not satisfy S but would lead to the same view.

We present and exemplify three strategies for view generation: intensional iterative generation by exhaustive querying, extensional iterative generation by eliminating violations, and extensional generation by global alterations. Regarding data the examples range over abstract data sources, relational databases founded on suitable fragments of first-order logic and XML documents. Regarding alterations, the examples range over total refusals, tailored weakenings by introducing disjunctions or suppressing data, lying, and a combined method.

 

欢迎广大教师和同学参加学术报告!

Copyright © 2017 - 2019 上海交通大学网络空间安全学院 沪ICP备05052060号