publications: - title: "An Abstract Interpretation Framework for Structured Query Languages" author: - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" year: "2009" month: "14-16 October" doi: "http://www2.imm.dtu.dk/projects/nwpt09/" abstract: "In this work we introduce an Abstract Interpretation framework for database query languages. This theoretical work extends a provably sound approach of static analysis to the field of query languages for relational databases. More generally, the semantics of query languages can be tuned according to suitable abstractions of the concrete domain of data." links: doi: "http://www2.imm.dtu.dk/projects/nwpt09/" tags: - "semantics" - "data-flow language" - "relational database" - "domain analysis" - "analysis" - "static analysis" - "data-flow" - "database" - "abstraction" - "data-flow analysis" - "systematic-approach" - "query language" - "domain-specific language" researchr: "https://researchr.org/publication/SQLsem-NWPT09" cites: 0 citedby: 0 booktitle: "Proceedings of the 21st Nordic Workshop on Programming Theory (NWPT'09)" address: "Lyngby, Denmark" publisher: "DTU Informatics" isbn: "978-87-643-0565-4" kind: "inproceedings" key: "SQLsem-NWPT09" - title: "Abstract Interpretation for sound approximation of database query languages" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" doi: "http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5461771" abstract: "In this paper we extend the Abstract Interpretation framework to the field of query languages for relational databases as a way to support sound approximation techniques. This way, the semantics of query languages can be tuned according to suitable abstractions of the concrete domain of data." links: doi: "http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5461771" tags: - "semantics" - "data-flow language" - "relational database" - "data-flow" - "database" - "abstraction" - "query language" - "domain-specific language" researchr: "https://researchr.org/publication/SQLsem-INFOS10-4" cites: 0 citedby: 0 booktitle: "Proceedings of the 7th International Conference on Informatics and Systems (INFOS 2010) , Cairo, Egypt, March 28 - 30, 2010" publisher: "IEEE Press" isbn: "978-1-4244-5828-8" kind: "inproceedings" key: "SQLsem-INFOS10-4" - title: "Observation-based Fine Grained Access Control for Relational Databases" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" month: "22-24 July" doi: "http://www.icsoft.org/" abstract: "Fine Grained Access Control (FGAC) provides users the access to the non-confidential database information while preventing unauthorized leakage of the confidential data. It provides two extreme views to the database information: completely public or completely hidden. In this paper, we propose an Observation-based Fine Grained Access Control (OFGAC) mechanism based on the Abstract Interpretation framework where data are made accessible at various level of abstraction. In this setting, unauthorized users are not able to infer the exact content of a cell containing confidential information, while they are allowed to get partial information out of it, according to their access rights. Different level of sensitivity of the information correspond to different level of abstraction. In this way, we can tune different parts of the same database content according to different level of abstraction at the same time. The traditional FGAC can be seen as a special case of the OFGAC framework. " links: doi: "http://www.icsoft.org/" tags: - "relational data base" - "rule-based" - "relational database" - "data-flow" - "database" - "abstraction" - "access control" - "role-based access control" researchr: "https://researchr.org/publication/OFGAC-ICSOFT10" cites: 0 citedby: 0 booktitle: "Proceedings of the 5th International Conference on Software and Data Technologies (ICSOFT 2010)" address: "Athens, Greece" publisher: "INSTICC Press" kind: "inproceedings" key: "OFGAC-ICSOFT10" - title: "Obfuscation-based Analysis of SQL Injection Attacks" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" month: "22-25 June" doi: "http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5546750" abstract: "In this paper, we propose an obfuscation/deobfuscation based technique to detect the presence of possible SQL Injection Attacks (SQLIA) in a query before submitting it to a DBMS. This technique combines static and dynamic analysis. In the static phase, the queries in the application are replaced by queries in obfuscated form. The main idea behind obfuscation is to isolate all the atomic formulas from other control elements of the query. During the dynamic phase, the user inputs are merged into the obfuscated atomic formulas, and the dynamic verifier analysis the presence of possible SQLIA at atomic formula level. Finally, a deobfuscation step is performed to recover the original query before submitting it to the DBMS." links: doi: "http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=5546750" tags: - "rule-based" - "injection attack" - "SQL" - "analysis" - "static analysis" researchr: "https://researchr.org/publication/SQLIA-ISCC10" cites: 0 citedby: 0 booktitle: "Proceedings of the 15th IEEE Symposium on Computers and Communications (ISCC 2010)" address: "Riccione, Italy" publisher: "IEEE Press" kind: "inproceedings" key: "SQLIA-ISCC10" - title: "Cooperative Query Answering by Abstract Interpretation" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2011" month: "January" doi: "http://kedrigern.dcs.fmph.uniba.sk/kralovic/sofsem2011/" abstract: "A common problem for many database users is how to formulate and submit correct queries in order to get useful responses from the system, with little or no knowledge of the database structure and its content. The notion of cooperative query answering has been explored as an effective mechanism to address this problem. In this paper, we propose a cooperative query answering scheme based on the Abstract Interpretation framework. In this context, we address three key issues: soundness, relevancy and optimality of the cooperative answers." links: doi: "http://kedrigern.dcs.fmph.uniba.sk/kralovic/sofsem2011/" tags: - "rule-based" - "database" - "context-aware" researchr: "https://researchr.org/publication/COOP-SOFSEM11" cites: 0 citedby: 0 booktitle: "Proceedings of the 37th International Conference on Current Trends in Theory and Practice of Computer Science" address: "Novy Smokovec, Slovakia" publisher: "Springer LNCS" kind: "inproceedings" key: "COOP-SOFSEM11" - title: "Watermarking Techniques for Relational Databases: Survey, Classification and Comparison" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Pal, Shantanu" link: "https://researchr.org/alias/pal%2C-shantanu" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" month: "December" note: "Impact factor: 0.669" links: "url": "http://www.jucs.org/jucs_16_21/watermarking_techniques_for_relational" tags: - "classification" - "relational database" - "watermarking" - "survey" researchr: "https://researchr.org/publication/WM-JUCS10" cites: 0 citedby: 0 journal: "Journal of Universal Computer Science" volume: "16" number: "21" kind: "article" key: "WM-JUCS10" - title: "Persistent Watermarking of Relational Databases" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" month: "4-5 October" doi: "http://cnc.engineersnetwork.org/" abstract: "Digital watermarking for relational databases emerged as a candidate solution to provide copyright protection of relational data, maintaining integrity of the database information, tamper detection, traitor tracing etc. In this paper, we introduce the notion of persistent watermarking that serves as a way to recognize the integrity and ownership proof of the database bounded with a set of queries. It allows the evaluation of the database while applying the queries. We preserve the persistency of the watermark by exploiting two invariants of the database state w.r.t. the set of queries: Stable Cells and Semantics-based Properties of the data. We discuss how we can improve the existing techniques in terms of the persistency of the watermark. Moreover, we propose a novel persistent watermarking scheme that strictly improves the algorithm proposed by Li and Deng." links: doi: "http://cnc.engineersnetwork.org/" tags: - "semantics" - "relational data base" - "rule-based" - "persistent" - "relational database" - "watermarking" - "data-flow" - "database" researchr: "https://researchr.org/publication/WM-CNC10" cites: 0 citedby: 0 booktitle: "Proceedings of the IEEE International Conference on Advances in Communication, Network, and Computing (CNC'10)" address: "Calicut, Kerala, India" publisher: "IEEE Computer Society" kind: "inproceedings" key: "WM-CNC10" - title: "Dependence Condition Graph for Semantics-based Abstract Program Slicing" author: - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" - name: "Halder, Raju" link: "https://researchr.org/alias/halder%2C-raju" year: "2010" month: "27-28 March" doi: "http://ldta.info/preproceedings2010.pdf" abstract: "Many slicing techniques have been proposed based on the traditional Program Dependence Graph (PDG) representation. In traditional PDGs, the notion of data dependency between statements is based on syntactic presence of a variable in the definition of another variable or in a conditional expression. Mastroeni and Zanardini introduced semantics-based data dependency both at concrete and abstract domain. This semantics-based data dependency is computed at expression level over all possible (abstract) states appearing at program points. In this paper, we strictly improve this approach by (i) considering semantic relevancy of statements (not only expressions), and (ii) adopting conditional dependency. This allows us to transform the semantics-based (abstract) PDG into a semantics-based (abstract) Dependence Condition Graph (DCG) that enables to identify the conditions for dependence between program points. The resulting program slicing algorithm designed this way is strictly more accurate than the Mastroeni and Zanardini’s one." links: doi: "http://ldta.info/preproceedings2010.pdf" tags: - "semantics" - "rule-based" - "data-flow programming" - "data-flow" - "graph-rewriting" - "slicing" - "programming" - "rewriting" - "systematic-approach" researchr: "https://researchr.org/publication/Slice-LDTA10" cites: 0 citedby: 0 booktitle: "Proceedings of the 10th International Workshop on Language Descriptions Tools and Applications (LDTA'10) - satellite event of European Joint Conferences on Theory and Practice of Software (ETAPS'10)" address: "Paphos, Cyprus" publisher: "ACM Press" kind: "inproceedings" key: "Slice-LDTA10" - title: "Dependence condition graph for semantics-based abstract program slicing" author: - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" year: "2010" doi: "http://doi.acm.org/10.1145/1868281.1868285" links: doi: "http://doi.acm.org/10.1145/1868281.1868285" dblp: "http://dblp.uni-trier.de/rec/bibtex/conf/ldta/CortesiH10" tags: - "semantics" - "rule-based" - "graph-rewriting" - "slicing" - "rewriting" researchr: "https://researchr.org/publication/CortesiH10" cites: 0 citedby: 0 pages: "4" booktitle: "Proceedings of the of the Tenth Workshop on Language Descriptions, Tools and Applications, LDTA 2010, Paphos, Cyprus, March 28-29, 2010 - satellite event of ETAPS" editor: - name: "Claus Brabrand" link: "https://researchr.org/alias/claus-brabrand" - name: "Pierre-Etienne Moreau" link: "https://researchr.org/alias/pierre-etienne-moreau" publisher: "ACM" isbn: "978-1-4503-0063-6" kind: "inproceedings" key: "CortesiH10" - title: "A Persistent Public Watermarking of Relational Databases" author: - name: "Raju Halder" link: "https://sites.google.com/site/rajuhaldersprofile/home" - name: "Agostino Cortesi" link: "http://www.dsi.unive.it/~cortesi/" year: "2010" month: "15-19 December" doi: "http://www.cs.wisc.edu/iciss10/" abstract: "In this paper, we propose a novel fragile and robust persistent watermarking scheme for relational databases that embeds both private and public watermarks where the former allows the owner to prove his ownership, while the latter allows any end-user to verify the correctness and originality of the data in the database without loss of strength and security. The public watermarking is based on a part of the database state which remains invariant under processing of the queries associated with the database, whereas the private watermarking is based on an appropriate form of the original database state, called abstract database, and the semantics-based properties of the data which remain invariant under processing of the associated queries." links: doi: "http://www.cs.wisc.edu/iciss10/" tags: - "semantics" - "relational data base" - "rule-based" - "persistent" - "relational database" - "watermarking" - "data-flow" - "security" - "database" researchr: "https://researchr.org/publication/WM-ICISS10" cites: 0 citedby: 0 booktitle: "Proceedings of the 6th International Conference on Information Systems Security (ICISS 2010)" volume: "6503" address: "Gandhinagar, Gujrat, India" publisher: "Springer LNCS" kind: "inproceedings" key: "WM-ICISS10"