高级检索

    基于推理的安全数据库审计框架

    Inference Based Security Database Auditing Framework

    • 摘要: 信息技术的发展给安全数据库带来了新的挑战,各种安全策略明确以法律条文形式颁布,这要求采用有效的手段证实,对数据库的访问与安全策略的一致性,审计访问数据库的各种查询正好能实现这一目标,但常规的审计方法只能对单个查询的查询结果进行审计,而蓄意破坏的用户可能利用多个查询的查询结果进行推理来访问敏感信息,这就要求审计的同时也应具备基本的推理能力,提出了切实可行的安全数据库推理审计框架,该框架具有①MVD推理审计能力;②FFD推理审计能力;③FD推理审计能力,而且具有审计方法快速、准确、细粒度等特点.

       

      Abstract: The development of information technology brings security database new challenges. Privacy principles are even being mandated internationally through legislations and guidelines, and this requires the security database to verify that it adheres to its declared data disclosure policy. An auditing system satisfies the above desiderata well, but only auditing the result of query is not enough, because malicious user can access sensitive information by inferring the result of query. This requires the auditing system to have the basic inference capacity. In this paper, a security database inference audit framework is proposed, which have the ability of MVD inference, FFD inference, and FD inference. At the same time, the auditing system keeps the properties of fast, precise, and fine-grained.

       

    /

    返回文章
    返回