Verification of the Security against Inference Attacks on XML Databases

Kenji HASHIMOTO  Kimihide SAKANO  Fumikazu TAKASUKA  Yasunori ISHIHARA  Toru FUJIWARA  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E92-D   No.5   pp.1022-1032
Publication Date: 2009/05/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E92.D.1022
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Section on Formal Approach)
Category: Security
Keyword: 
XML database,  inference attack,  security,  verification,  

Full Text: PDF(814.8KB)>>
Buy this Article




Summary: 
This paper discusses verification of the security against inference attacks on XML databases. First, a security definition called k-secrecy against inference attacks on XML databases is proposed. k-secrecy with an integer k > 1 (or k = ∞) means that attackers cannot narrow down the candidates for the value of the sensitive information to k - 1 (or finite), using the results of given authorized queries and schema information. Secondly, an XML query model such that verification can be performed straightforwardly according to the security definition is presented. The query model can represent practical queries which extract some nodes according to any of their neighboring nodes such as ancestors, descendants, and siblings. Thirdly, another refinement of the verification method is presented, which produces much smaller intermediate results if a schema contains no arbitrarily recursive element. The correctness of the refinement is proved, and the effect of the refinement in time and space efficiency has been confirmed by experiment.