Databases can leak confidential information when users combine query results with probabilistic data dependencies and prior knowledge. Current research offers mechanisms that either handle a limited class of dependencies or lack tractable enforcement algorithms. We propose a foundation for Database Inference Control based on ProbLog, a probabilistic logic programming language. We leverage this foundation to develop Angerona, a provably secure enforcement mechanism that prevents information leakage in the presence of probabilistic dependencies. We then provide a tractable inference algorithm for a practically relevant fragment of ProbLog. We empirically evaluate Angerona's performance showing that it scales to relevant security-critical problems.
@article{arxiv.1706.02473,
title = {Securing Databases from Probabilistic Inference},
author = {Marco Guarnieri and Srdjan Marinovic and David Basin},
journal= {arXiv preprint arXiv:1706.02473},
year = {2017}
}
Comments
A short version of this paper has been accepted at the 30th IEEE Computer Security Foundations Symposium (CSF 2017)