Controlled Management of Confidentiality-Preserving Relational Interactions

摘要

This article builds on given fundamental concepts and a prototype implementation for history-aware and policy-driven inference control by means of a confidentiality-preserving security server, which mediates interactions between a relational database and a semi-honest (human) user. Within this already broad-ranging framework, we enhance the prototype towards efficient and effective user administration and monitoring by introducing and verifying two interactive and semiautomatic functionalities. The first one serves for the administration of global settings and the initial state of each user's internal surrogate. Reacting on a submitted interaction request, the second functionality handles the security server's dynamic selection of an admissible confinement method and its actual application, together with a corresponding state transition of the requesting user's surrogate. These functionalities employ extendible descriptors of surrogate states, interaction requests, database instances and confinement methods, respectively, as a kind of security labels.