In many applications, Knowledge Bases (KBs) contain confidential or private information (secrets). The KB should be able to use this secret information in its reasoning process but in answering user queries care must be exercised so that secrets are not revealed to unauthorized users.We consider this problem under the OpenWorld Assumption (OWA) in a setting with multiple querying agents M1,.,Mm that can pose queries against the KB κ and selectively share answers that they receive from κ with one or more other querying agents. We assume that for each Mi, the KB has a prespecified set of secrets Si that need to be protected from Mi. Communication between querying agents is modeled by a communication graph, a directed graph with self-loops. We introduce a general framework and propose an approach to secrecy-preserving query answering based on sound and complete proof systems. The idea is to hide the truthful answer from a querying agent Mi by feigning ignorance without lying (i.e., to provide the answer 'Unknown' to a query q if it needs to be protected. Under the OWA, a querying agent cannot distinguish between the case that q is being protected (for reasons of secrecy) and the case that it cannot be inferred from κ. In the pre-query stage we compute a set of envelopes E1,., Em (restricted to a finite subset of the set of formulae that are entailed by κ) so that Si ⊆ Ei, and a query α posed by agent Mi can be answered truthfully whenever α ∉ Ei and ¬α ∉ Ei. After the pre-query stage, the envelope is updated as needed. We illustrate this approach with two simple cases: the Propositional Horn KBs and the Description Logic AL KBs.
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Computer Science(all)
- Computational Mathematics