Abstract
A shared information system is expected to comply with the following potentially conflicting requirements. It should provide useful answers to arbitrary queries, while on the other hand it should preserve certain secrets according to a security policy. We study and compare two previously suggested approaches to meet these requirements, namely refusal of statements and lying. The investigation is performed using a highly abstract and general framework, both with respect to the information system and the preservation of secrets. The assessment shows that for unknown secrecies refusal is better than lying. In particular, while preserving the same secrets refusal can provide more useful answers.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35508-5_22
Copyright information
© 2000 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Biskup, J. (2000). For Unknown Secrecies Refusal is Better Than Lying. In: Atluri, V., Hale, J. (eds) Research Advances in Database and Information Systems Security. IFIP — The International Federation for Information Processing, vol 43. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35508-5_9
DOI: https://doi.org/10.1007/978-0-387-35508-5_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6411-6
Online ISBN: 978-0-387-35508-5
eBook Packages: Springer Book Archive