TY - JOUR
T1 - A conceptual framework for secrecy-preserving reasoning in knowledge bases
AU - Tao, Jia
AU - Slutzki, Giora
AU - Honavar, Vasant
N1 - Publisher Copyright:
© 2014 ACM.
Copyright:
Copyright 2015 Elsevier B.V., All rights reserved.
PY - 2014/12/29
Y1 - 2014/12/29
N2 - In many applications, Knowledge Bases (KBs) contain confidential or private information (secrets). The KB should be able to use this secret information in its reasoning process but in answering user queries care must be exercised so that secrets are not revealed to unauthorized users.We consider this problem under the OpenWorld Assumption (OWA) in a setting with multiple querying agents M1,.,Mm that can pose queries against the KB κ and selectively share answers that they receive from κ with one or more other querying agents. We assume that for each Mi, the KB has a prespecified set of secrets Si that need to be protected from Mi. Communication between querying agents is modeled by a communication graph, a directed graph with self-loops. We introduce a general framework and propose an approach to secrecy-preserving query answering based on sound and complete proof systems. The idea is to hide the truthful answer from a querying agent Mi by feigning ignorance without lying (i.e., to provide the answer 'Unknown' to a query q if it needs to be protected. Under the OWA, a querying agent cannot distinguish between the case that q is being protected (for reasons of secrecy) and the case that it cannot be inferred from κ. In the pre-query stage we compute a set of envelopes E1,., Em (restricted to a finite subset of the set of formulae that are entailed by κ) so that Si ⊆ Ei, and a query α posed by agent Mi can be answered truthfully whenever α ∉ Ei and ¬α ∉ Ei. After the pre-query stage, the envelope is updated as needed. We illustrate this approach with two simple cases: the Propositional Horn KBs and the Description Logic AL KBs.
AB - In many applications, Knowledge Bases (KBs) contain confidential or private information (secrets). The KB should be able to use this secret information in its reasoning process but in answering user queries care must be exercised so that secrets are not revealed to unauthorized users.We consider this problem under the OpenWorld Assumption (OWA) in a setting with multiple querying agents M1,.,Mm that can pose queries against the KB κ and selectively share answers that they receive from κ with one or more other querying agents. We assume that for each Mi, the KB has a prespecified set of secrets Si that need to be protected from Mi. Communication between querying agents is modeled by a communication graph, a directed graph with self-loops. We introduce a general framework and propose an approach to secrecy-preserving query answering based on sound and complete proof systems. The idea is to hide the truthful answer from a querying agent Mi by feigning ignorance without lying (i.e., to provide the answer 'Unknown' to a query q if it needs to be protected. Under the OWA, a querying agent cannot distinguish between the case that q is being protected (for reasons of secrecy) and the case that it cannot be inferred from κ. In the pre-query stage we compute a set of envelopes E1,., Em (restricted to a finite subset of the set of formulae that are entailed by κ) so that Si ⊆ Ei, and a query α posed by agent Mi can be answered truthfully whenever α ∉ Ei and ¬α ∉ Ei. After the pre-query stage, the envelope is updated as needed. We illustrate this approach with two simple cases: the Propositional Horn KBs and the Description Logic AL KBs.
UR - http://www.scopus.com/inward/record.url?scp=84920933451&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84920933451&partnerID=8YFLogxK
U2 - 10.1145/2637477
DO - 10.1145/2637477
M3 - Article
AN - SCOPUS:84920933451
VL - 16
JO - ACM Transactions on Computational Logic
JF - ACM Transactions on Computational Logic
SN - 1529-3785
IS - 1
M1 - 3
ER -