Verification of the Security against Inference Attacks on XML Databases
Summary :
This paper discusses verification of the security against inference attacks on XML databases. First, a security definition called k-secrecy against inference attacks on XML databases is proposed. k-secrecy with an integer k > 1 (or k = ∞) means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. Secondly, an XML query model such that verification can be performed straightforwardly according to the security definition is presented. The query model can represent practical queries which extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Thirdly, another refinement of the verification method is presented, which produces much smaller intermediate results if a schema contains no arbitrarily recursive element. The correctness of the refinement is proved, and the effect of the refinement in time and space efficiency has been confirmed by experiment.
- Publication
- IEICE TRANSACTIONS on Information Vol.E92-D No.5 pp.1022-1032
- Publication Date
- 2009/05/01
- Publicized
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.E92.D.1022
- Type of Manuscript
- Special Section PAPER (Special Section on Formal Approach)
- Category
- Security
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Kenji HASHIMOTO, Kimihide SAKANO, Fumikazu TAKASUKA, Yasunori ISHIHARA, Toru FUJIWARA, "Verification of the Security against Inference Attacks on XML Databases" in IEICE TRANSACTIONS on Information,
vol. E92-D, no. 5, pp. 1022-1032, May 2009, doi: 10.1587/transinf.E92.D.1022.
Abstract: This paper discusses verification of the security against inference attacks on XML databases. First, a security definition called k-secrecy against inference attacks on XML databases is proposed. k-secrecy with an integer k > 1 (or k = ∞) means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. Secondly, an XML query model such that verification can be performed straightforwardly according to the security definition is presented. The query model can represent practical queries which extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Thirdly, another refinement of the verification method is presented, which produces much smaller intermediate results if a schema contains no arbitrarily recursive element. The correctness of the refinement is proved, and the effect of the refinement in time and space efficiency has been confirmed by experiment.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E92.D.1022/_p
Copy
@ARTICLE{e92-d_5_1022,
author={Kenji HASHIMOTO, Kimihide SAKANO, Fumikazu TAKASUKA, Yasunori ISHIHARA, Toru FUJIWARA, },
journal={IEICE TRANSACTIONS on Information},
title={Verification of the Security against Inference Attacks on XML Databases},
year={2009},
volume={E92-D},
number={5},
pages={1022-1032},
abstract={This paper discusses verification of the security against inference attacks on XML databases. First, a security definition called k-secrecy against inference attacks on XML databases is proposed. k-secrecy with an integer k > 1 (or k = ∞) means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. Secondly, an XML query model such that verification can be performed straightforwardly according to the security definition is presented. The query model can represent practical queries which extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Thirdly, another refinement of the verification method is presented, which produces much smaller intermediate results if a schema contains no arbitrarily recursive element. The correctness of the refinement is proved, and the effect of the refinement in time and space efficiency has been confirmed by experiment.},
keywords={},
doi={10.1587/transinf.E92.D.1022},
ISSN={1745-1361},
month={May},}
Copy
TY - JOUR
TI - Verification of the Security against Inference Attacks on XML Databases
T2 - IEICE TRANSACTIONS on Information
SP - 1022
EP - 1032
AU - Kenji HASHIMOTO
AU - Kimihide SAKANO
AU - Fumikazu TAKASUKA
AU - Yasunori ISHIHARA
AU - Toru FUJIWARA
PY - 2009
DO - 10.1587/transinf.E92.D.1022
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E92-D
IS - 5
JA - IEICE TRANSACTIONS on Information
Y1 - May 2009
AB - This paper discusses verification of the security against inference attacks on XML databases. First, a security definition called k-secrecy against inference attacks on XML databases is proposed. k-secrecy with an integer k > 1 (or k = ∞) means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. Secondly, an XML query model such that verification can be performed straightforwardly according to the security definition is presented. The query model can represent practical queries which extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Thirdly, another refinement of the verification method is presented, which produces much smaller intermediate results if a schema contains no arbitrarily recursive element. The correctness of the refinement is proved, and the effect of the refinement in time and space efficiency has been confirmed by experiment.
ER -
English
