Securing Databases from Probabilistic Inference
Marco Guarnieri, Srdjan Marinovic, David Basin

TL;DR
This paper introduces Angerona, a probabilistic inference control mechanism based on ProbLog, which effectively prevents information leakage in databases with probabilistic dependencies, and demonstrates its scalability and practical relevance.
Contribution
It develops a novel foundation for database inference control using ProbLog and provides a tractable algorithm for a key fragment, enhancing security in probabilistic databases.
Findings
Angerona effectively prevents probabilistic information leakage.
The inference algorithm scales to security-critical problems.
Empirical evaluation shows practical performance of Angerona.
Abstract
Databases can leak confidential information when users combine query results with probabilistic data dependencies and prior knowledge. Current research offers mechanisms that either handle a limited class of dependencies or lack tractable enforcement algorithms. We propose a foundation for Database Inference Control based on ProbLog, a probabilistic logic programming language. We leverage this foundation to develop Angerona, a provably secure enforcement mechanism that prevents information leakage in the presence of probabilistic dependencies. We then provide a tractable inference algorithm for a practically relevant fragment of ProbLog. We empirically evaluate Angerona's performance showing that it scales to relevant security-critical problems.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
