We perform a theoretical study of the following query-view security problem: given a view V to be published, does V logically disclose information about a confidential query S? The problem is motivated by the need to manage the risk of unintended information disclosure in today's world of universal data exchange. We present a novel information-theoretic standard for query-view security. This criterion can be used to provide a precise analysis of information disclosure for a host of data exchange scenarios, including multi-party collusion and the use of outside knowledge by an adversary trying to learn privileged facts about the database. We prove a number of theoretical results for deciding security according to this standard. We also generalize our security criterion to account for prior knowledge a user or adversary may possess, and introduce techniques for measuring the magnitude of partical disclosures. We believe these results can be a foundation for practical efforts to secure data exchange frameworks, and also illuminate a nice interaction between logic and probability theory.
展开▼
机译:我们对以下查询视图安全性问题进行了理论研究:给定要发布的视图 V , V 是否在逻辑上公开有关以下内容的信息:机密查询 S?该问题是由于需要管理当今通用数据交换世界中意外信息泄露的风险。我们提出了一种用于查询视图安全性的新颖的信息理论标准。此标准可用于为许多数据交换方案提供精确的信息披露分析,包括多方串通和试图学习有关数据库的特权事实的对手使用外部知识。我们证明了根据此标准确定安全性的许多理论结果。我们还概括了我们的安全标准,以考虑用户或对手可能拥有的先验知识,并介绍用于衡量部分披露程度的技术。我们认为,这些结果可以为实践工作提供基础,以确保数据交换框架的安全,也可以阐明逻辑与概率论之间的良好互动。
展开▼
