Figure 5 - uploaded by Csilla Farkas
Security Violation Pointers

Source publication
Article
In this paper we study the security impact of large-scale, semantically enhanced data processing in distributed databases. We present an ontology-supported security model to detect undesired inferences via replicated XML data. Our model is able to detect inconsistent security classifications of replicated data. We propose the Ontology Guided XML Se...

Citations

... Some solutions for inference problem in XML databases were proposed, but mainly for XML documents with the same format [7,37]. To the best of our knowledge, three solutions were presented to address the ontology-based inference attacks problem in XML databases, i.e. the Oxsegin by Stoica and Farkas, Oxicde by Zhang and Semsie by Yang et al. [7,37,38]. Both Oxsegin and Oxicde try to detect replicated data under conflicting classifications, using multiple XML documents and the relationship ... (TEM Journal, Volume 4 / Number 1 / 2015)
Article
Today's databases store information with sensitivity levels that range from public to highly sensitive, hence ensuring confidentiality can be highly important, but also requires costly control. This paper focuses on the inference problem on different database structures. It presents possible threats on privacy with relation to the inference, and control methods for mitigating these threats. The paper shows that using only access control, without any inference control is inadequate, since these models are unable to protect against indirect data access. Furthermore, it covers new inference problems which rise from the dimensions of new technologies like XML, semantics, etc.
... Several projects have developed support for detecting inferences related to duplicated data protected using inconsistent policies. Stoica et al. implemented a model where their security engine would detect ontologically equivalent XML data elements which are replicated [16]. In that work, equivalence was established manually. ...
Article
The values of data elements stored in biomedical databases often draw from biomedical ontologies. Authorization rules can be defined on these ontologies to control access to sensitive and private data elements in such databases. Authorization rules may be specified by different authorities at different times for various purposes. Since such policy rules can conflict with each other, access to sensitive information may inadvertently be allowed. Another problem in biomedical data protection is inference attacks, in which a user who has legitimate access to some data elements is able to infer information related to other data elements. We propose and evaluate two strategies; one for detecting policy inconsistencies to avoid potential inference attacks and the other for detecting policy conflicts.
... The final assumption is that the security officer (who sets the access permissions) of one data source is unable to determine semantically equivalent information in another data source. Therefore, replicated information may exist at different data sources having differing security classifications (Stoica & Farkas, 2004). Using the DDI strategy, based on the second assumption, Sweeny (2002) accessed the medical details of William Weld who was governor of Massachusetts using two independent data sources (see Table 2, row 11). ...
Article
Access controls are not sufficient to prevent the release of secret information from an information system unless they address the problem of inference. An inference strategy is a method by which a user can infer secret information using the information which they are allowed to access through the access control mechanism. The aim of this paper is to collate and categorise the set of inference strategies in the existing literature. The systematic literature review (SLR) methodology is used to identify and categorise known inference strategies. The SLR search found 63 sources, and 127 inference strategies were extracted from these sources, which have been categorised into 11 different categories. Recording the inference strategy processes has abstracted the detail which ties inference strategies to an information system. Using this abstraction, it should be feasible to determine the level of inference protection offered by information systems in general.
... Damiani et al. (2002) presented an access control model for XML documents by exploiting XML's own capabilities and a language for the specification of access restrictions along with a description of a system architecture for access control enforcement. For inference over XML data, Farkas and Stoica (2003) and Stoica and Farkas (2004) proposed using ontologies to detect security violations among distributed XML documents and specifically designed Oxsegin, an Ontology guided XML Security Engine, to detect replicated or correlated information under different security classifications. Such access control models to XML data cannot be applied directly to the semantic web data mainly because XML access control focuses on the syntax rather than the semantics. ...
Article
The semantic web has been envisioned as a machine interpretable web, where data instances are described through concepts defined and related in ontologies. Though ontologies are publicly available as a crucial component of the semantic web infrastructure, many data instances are sensitive and should be kept confidential. Sensitive information can be illegally inferred from other seemingly unclassified information in combination with the underlying data semantics and interrelationships revealed by ontologies. In other words, the visibility of ontologies can pose inference threats to the security of data instances, and this requires that security policies be specified in such a way that the semantic relationships among data instances are taken into account. To protect the semantic web data or other semantics-rich data, this paper presents semantics-aware security policy specification. We propose concept-level, association-level and property-level access control models for different security objects, and that authorisations be propagated based on different inference patterns. These propagation policies can be used to generate safe and consistent access control authorisations.
... However, the characteristics of these two environments differ from several perspectives such as data completeness, scope of data control, data models, scalability, and data quality [8]. The works of Stoica and Farkas [9] present an initial analysis of the related problems. ...
Conference Paper
In today's world, security is one of the most important quality attributes in Semantic Web. Semantic Web proposes new security requirements; therefore, previous security mechanisms provide insufficient support for an in-depth treatment of security in Semantic Web. This paper presents the mandatory role of privacy persevering method in access control model, inference and semantic data mining method and trust negotiation technique for applying in Semantic Web. We show the relation among them in order to secure Semantic Web. Privacy persevering method can prevent unauthorized access to confidential information and services further to being a hindrance for disclosure of private personal information.
... Most of the recent work in this area has addressed the use of semantics to address the implications of the Semantic Web technology on data representations and the inadequate protection that needs to be improved. Stoica and Farkas [1] [Figure 1: Semantic enforcement mechanism] inferences and reasoning as part of the solution, it clearly addresses a different problem. Damiani et al. [2] proposed extending policy languages by utilizing Semantic Web languages. ...
Conference Paper
In such applications as location-based advertising, merchants use consumers' information to send them personalized advertisements. These applications provide convenience to consumers and competitive advantage to merchants. However, the improper use of consumers' information presents a serious threat to their privacy. It is also important to observe that among the motives for the consumers to accept advertisements is the incentive offered by the merchant. Therefore, such incentive should become a criterion upon which consumers decide to grant or deny access to their information. We propose modeling mobile consumer preferences including incentive-related preferences in an ontology using the Ontology Web Language (OWL) and enforcing these preferences using reasoning techniques. We present modeling of consumer preferences and merchant queries in that ontology and describe how to match them. Moreover, we present a prototype implementation and an evaluation study that shows that query size is more significant than the ontology size.
... Stoica and Farkas [17,35,36] propose a method similar to Liu et al. [27]. They manipulate XML documents according to metadata associated to them. ...
... XML Correlation with Ontologies: In [17] and [36] Stoica and Farkas show that large collections of distributed XML documents are exposed to inference attacks through data correlation and replication. They propose that XML documents be mapped to ontologies (Figure 2) to convey intended meaning. [Figure 2. XML mapping to Ontology] ...
Article
In this paper we evaluate security methods for eXtensible Markup Language (XML) and the Resource Description Framework (RDF). We argue that existing models are insufficient to provide high assurance security for future Web-based applications. We begin with a brief overview of XML access control models, where the protection objects are identified by the XML syntax. We show that these approaches are limited to handle updates and structural modifications of the XML documents, thus security methods must be defined on the intended meaning of XML. We identify two main research directions to extend the XML model with semantics. The first approach extends the XML model with traditional database concepts, like keys and database constraints. The second approach aims to associate XML documents with metadata supporting Web-based applications. We propose the development of security models based on these semantics-oriented approaches to achieve high assurance security. Further, we investigate the security needs of Web metadata, like RDF, RDFS, and OWL. In particular, we study the inference and data aggregation problems supported by these languages.
... Although their access control requirements are different from dissemination control, the identity based access control paradigm can be incorporated in our scheme. Stoica and Farkas [24] describe a data mining approach to construct ontology-based inference attacks and a scheme to identify the associated inference channels. They use an ontology to detect tags appearing in different XML documents, with different security classifications, that are ontologically equivalent, i.e., can be resolved to the same concept in an ontology. ...
Conference Paper
Traditional discretionary access control, without data alteration operators, applied directly on ontologies can result in revealing unintended information because ontologies contain meta-information about objects. As an alternative we provide a constraint logic programming based policy language that can extract, remove or desensitize sensitive concepts in ontologies prior to requested disclosures. Our policies are stratified Horn clauses with constructive negation, and our constraint system uses a finitary system of ZF sets developed by Dovier et al. - and consequently, admits a three-valued Kripke-Kleene semantics. Consequently, it is suitable for safeguarding meta-information stored on the Semantic web using OWL. We show how our three-valued semantics faithfully represents traditional OWL semantics. Categories and Subject Descriptors: C.2.0 (Computer and Communication networks): General-Security and Protection;
... Stoica and Farkas [17, 35, 36] use a method similar to Liu et al. [27]. They propose manipulation of XML documents according to metadata associated to them. ...
... However, only a few security models exist that address the security needs of these technologies. The works of Stoica and Farkas [17, 35, 36] present an initial analysis of the related problems; however the authors only address inferences via the ISA relationship. Methods, capable of handling complex, possibly interdomain relationships [33, 34], need to be developed. ...
Article
In this paper we evaluate security methods for eXtensible Markup Language (XML) and the Resource Description Framework (RDF). We argue that existing models are insufficient to provide high assurance security for future Web-based applications. We begin with a brief overview of XML access control models, where the protection objects are identified by the XML syntax. However, these approaches are limited to handle updates and structural modifications of the XML documents. We argue that XML security methods must be based on the intended meaning of XML and the semantics of the application using XML. We identify two promising research directions to extend the XML model with semantics. The first approach incorporates traditional database concepts, like key and integrity constraints, in the XML model. The second approach aims to associate XML documents with metadata supporting Web-based applications. We propose the development of security models based on these semantics-oriented approaches to achieve high assurance. Further, we investigate the security needs of Web metadata, like RDF, RDFS, and OWL. In particular, we study the security risks of unwanted inferences and data aggregation, supported by these languages.
... Replicated information under different formats and classifications within an enterprise can cause difficulties in information security management and auditing. Stoica and Farkas [18] propose the use of ontology as a concept unifier for alleviating any possible security threats. We believe that the need of concept unification will be even more important for privacy enforcement in inter-organizational system integration, like that between a bank and a tele-marketing company. ...
Conference Paper
With the recent adoption of marketing activities outsourcing, there have been increasing demands and concerns for privacy control. The traditional approach of a bulk transmission of the customers' information to a marketing company cannot meet such demands, especially in the finance and healthcare businesses. Therefore, we propose a layered architecture and a development methodology for end-to-end privacy control over the export of each individual customer's records through a Web services platform, according to the corresponding enterprise's privacy control policies. A Web services system, with up-dated security and privacy facilities, can provide a suitable interoperation platform for required application-to-application interactions over the Internet. We further develop a conceptual model and an interaction protocol to send only the required part of a customer's records at a time. We illustrate our approach for end-to-end privacy control with a tele-marketing case study and show how the software of the outsourced call center can be integrated effectively with the Web services of a bank to protect privacy.