Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Confidentiality-preserving proof theories for distributed proof systems

Minami, K and Borisov, N and Winslett, M and Lee, AJ (2011) Confidentiality-preserving proof theories for distributed proof systems. In: UNSPECIFIED UNSPECIFIED, 145 - 154. ISBN 9781450305648

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)

Abstract

A distributed proof system is an effective way for deriving useful information by combining data from knowledge bases managed by multiple different principals across different administrative domains. As such, many researchers have proposed using these types of systems as a foundation for distributed authorization and trust management in decentralized systems. However, to account for the potentially sensitive nature of the underlying information, it is important that such proof systems be able to protect the confidentiality of the logical facts and statements. In this paper, we explore the design space of sound and safe confidentiality-preserving distributed proof systems. Specifically, we develop a framework to analyze the theoretical best-case proving power of these types of systems by analyzing confidentiality-preserving proof theories for Datalog-like languages within the context of a trusted third party evaluation model. We then develop a notion of safety based on the concept of non-deducibility and analyze the safety of several confidentiality-enforcing proof theories from the literature. The results in this paper show that the types of discretionary access control enforced by most systems on a principal-to-principal basis are indeed safe, but lack proving power when compared to other systems. Specifically, we show that a version of the Minami-Kotz (MK) proof system can prove more facts than the simple DAC system while retaining the safety property of the simple system. We further show that a seemingly-useful modification of the MK to support commutative encryption breaks the safety of the system without violating soundness. Copyright 2011 ACM.


Share

Citation/Export:
Social Networking:
Share |

Details

Item Type: Book Section
Status: Published
Creators/Authors:
CreatorsEmailPitt UsernameORCID
Minami, K
Borisov, N
Winslett, M
Lee, AJadamlee@pitt.eduADAMLEE
Date: 20 May 2011
Date Type: Publication
Journal or Publication Title: Proceedings of the 6th International Symposium on Information, Computer and Communications Security, ASIACCS 2011
Page Range: 145 - 154
Event Type: Conference
DOI or Unique Handle: 10.1145/1966913.1966933
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Refereed: Yes
ISBN: 9781450305648
Date Deposited: 27 Nov 2012 18:40
Last Modified: 02 Feb 2019 16:56
URI: http://d-scholarship.pitt.edu/id/eprint/16477

Metrics

Monthly Views for the past 3 years

Plum Analytics

Altmetric.com


Actions (login required)

View Item View Item