Disjunctive Policies for Database-Backed Programs

• URL: http://arxiv.org/abs/2312.10441v2
• Date: Fri, 26 Apr 2024 14:58:02 GMT
• Title: Disjunctive Policies for Database-Backed Programs
• Authors: Amir M. Ahmadian, Matvey Soloviev, Musard Balliu,
• Abstract summary: A formal semantic model of disjunctive dependencies, the Quantale of Information, was recently introduced by Hunt and Sands. We introduce a new query-based structure which captures the ordering of disjunctive information in databases. We design a sound enforcement mechanism to check disjunctive policies for database-backed programs.
• Score: 4.220713004424807
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: When specifying security policies for databases, it is often natural to formulate disjunctive dependencies, where a piece of information may depend on at most one of two dependencies P1 or P2, but not both. A formal semantic model of such disjunctive dependencies, the Quantale of Information, was recently introduced by Hunt and Sands as a generalization of the Lattice of Information. In this paper, we seek to contribute to the understanding of disjunctive dependencies in database-backed programs and introduce a practical framework to statically enforce disjunctive security policies. To that end, we introduce the Determinacy Quantale, a new query-based structure which captures the ordering of disjunctive information in databases. This structure can be understood as a query-based counterpart to the Quantale of Information. Based on this structure, we design a sound enforcement mechanism to check disjunctive policies for database-backed programs. This mechanism is based on a type-based analysis for a simple imperative language with database queries, which is precise enough to accommodate a variety of row- and column-level database policies flexibly while keeping track of disjunctions due to control flow. We validate our mechanism by implementing it in a tool, DiVerT, and demonstrate its feasibility on a number of use cases.

Related papers

• TrustUQA: A Trustful Framework for Unified Structured Data Question Answering [45.480862651323115]
  We propose UnifiedTQA, a trustful QA framework that can simultaneously support multiple types of structured data in a unified way. We have evaluated UnifiedTQA with 5 benchmarks covering 3 types of structured data. It outperforms 2 existing unified structured data QA methods and in comparison with the baselines that are specific to a data type, it achieves state-of-the-art on 2 of them.
  arXiv  Detail & Related papers  (2024-06-27T06:13:05Z)
• Controlled Query Evaluation through Epistemic Dependencies [7.502796412126707]
  We show the expressive abilities of our framework and study the data complexity of CQE for (unions of) conjunctive queries. We prove tractability for the case of acyclic dependencies by providing a suitable query algorithm.
  arXiv  Detail & Related papers  (2024-05-03T19:48:07Z)
• Consistent Query Answering for Existential Rules with Closed Predicates [2.559168320734115]
  Consistent Query Answering (CQA) is an inconsistency-tolerant approach to data access in databases. We study CQA in databases with data dependencies expressed by existential rules.
  arXiv  Detail & Related papers  (2024-01-11T08:48:40Z)
• DIVKNOWQA: Assessing the Reasoning Ability of LLMs via Open-Domain Question Answering over Knowledge Base and Text [73.68051228972024]
  Large Language Models (LLMs) have exhibited impressive generation capabilities, but they suffer from hallucinations when relying on their internal knowledge. Retrieval-augmented LLMs have emerged as a potential solution to ground LLMs in external knowledge.
  arXiv  Detail & Related papers  (2023-10-31T04:37:57Z)
• Conjunctive Query Based Constraint Solving For Feature Model Configuration [79.14348940034351]
  We show how to apply conjunctive queries to solve constraint satisfaction problems. This approach allows the application of a wide-spread database technology to solve configuration tasks.
  arXiv  Detail & Related papers  (2023-04-26T10:08:07Z)
• Uni-Parser: Unified Semantic Parser for Question Answering on Knowledge Base and Database [86.03294330305097]
  We propose a unified semantic element for question answering (QA) on both knowledge bases (KB) and databases (DB) We introduce the primitive (relation and entity in KB, table name, column name and cell value in DB) as an essential element in our framework. We leverage the generator to predict final logical forms by altering and composing topranked primitives with different operations.
  arXiv  Detail & Related papers  (2022-11-09T19:33:27Z)
• Proton: Probing Schema Linking Information from Pre-trained Language Models for Text-to-SQL Parsing [66.55478402233399]
  We propose a framework to elicit relational structures via a probing procedure based on Poincar'e distance metric. Compared with commonly-used rule-based methods for schema linking, we found that probing relations can robustly capture semantic correspondences. Our framework sets new state-of-the-art performance on three benchmarks.
  arXiv  Detail & Related papers  (2022-06-28T14:05:25Z)
• CateCom: a practical data-centric approach to categorization of computational models [77.34726150561087]
  We present an effort aimed at organizing the landscape of physics-based and data-driven computational models. We apply object-oriented design concepts and outline the foundations of an open-source collaborative framework.
  arXiv  Detail & Related papers  (2021-09-28T02:59:40Z)
• BERT Meets Relational DB: Contextual Representations of Relational Databases [4.029818252558553]
  We address the problem of learning low dimension representation of entities on relational databases consisting of multiple tables. We look into ways of using these attention-based model to learn embeddings for entities in the relational database.
  arXiv  Detail & Related papers  (2021-04-30T11:23:26Z)
• Fast Compliance Checking with General Vocabularies [0.0]
  We introduce an OWL2 profile for representing data protection policies. With this language, a company's data usage policy can be checked for compliance with data subjects' consent. We exploit IBQ reasoning to integrate specialized reasoners for the policy language and the vocabulary's language.
  arXiv  Detail & Related papers  (2020-01-16T09:08:00Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.