Research On Inference Control Problems In Database

With the proliferation of computer and network technology, database security has become an important research area of information security. The research of inference problems in databases is a key field of high secure level database system and is an important means to achieve database security.Inference Problems were first considered in statistical databases. For inference problem in statistical databases, methods of inference attack in statistical database are analyzed and corresponding inference control techniques are summarized. The limitation of these inference control techniques is pointed out.For inference problem in Multilevel Security databases, the reason of inference occurrence is introduced and the existing inference control technologies are analyzed. Moreover, the drawbacks of these exiting technologies are presented. Then the evaluation methods for sensitive data inference risks based on rough set theory in secure databases are investigated. Rough set theory can be used to find inherent rules under relations, and evaluate inference risks that sensitive data confronted based on these inference rules.Dynamic inference control mechanism is investigated. The dynamic inference control mechanism demonstrates that access control can be made sufficiently dynamic to ensure easy access to the information users are entitled to, while retaining fast query processing. The dynamic method for inference control based on tokens is analyzed thoroughly. The main drawback of the method is that a user can perform"block an object"attack as follows. The user just visits all the m-1 other objects in the inference channel so that the last object is blocked. An approach of dynamic control based-on multiple tokens set is proposed. The approach prevents the attack with the price that user token set is used. The main idea is that when a user queries an object, only one of the subsets is involved in the processing so that other users can still access any object with high probability even a user performed"block an object"attack. Finally, we analyze the space complexity and time complexity of this algorithm and compare it with previous scheme.