Séminaire
Date de début
Date de fin
Lieu
IRISA Rennes
Salle
Métivier
Orateur
Pierre Bourhis
Département principal
SoSySec seminar
Software and Systems Security
Inria - Rennes
Thursday October 13th, 11:00
Room: Metivier
Remotely via BBB: https://bbb.inria.fr/all-t0p-qjq-9em
Access code: 192737
----------------------------------------------------------------------
Pierre Bourhis (CNRS, CRISTAL)
----------------------------------------------------------------------
======================================================================
Reasoning over leaks of information for Access Control of Databases
======================================================================
Controlling the access of data in Database management systems is a
classical problem and it has been solved through different mechanisms.
One of the most common mechanism implemented in most Database management
systems is the mechanism of views, i.e defining the accessible data of a
user as the result of a query. This mechanism is also used in principle in
other systems such as in social networks. Unfortunately, this approach
has some defaults. Even though it does not leak any secret information,
the user seeing the data can infer some of these secret data by using
different knowledge such as the logical definition of the query used
to define the accessible data and various properties of the database.
In this talk, I will present a formalism allowing to check when a set
of views does not leak any information even through this kind of attacks.
To receive the SoSySec announcements, please subscribe to the SoSySec
mailing list:
https://sympa.inria.fr/sympa/subscribe/sosysec
All past and future SoSySec talks are listed at
https://seminaires-dga.inria.fr/en/seances-a-venir/
----------------------------------------------------------------------
Vous pouvez vous abonner à nos annonces de séminaires :
https://sympa.inria.fr/sympa/subscribe/sosysec
et consulter la liste des exposés passés et à venir :
https://seminaires-dga.inria.fr/seances-a-venir/