A Framework for Inference Control inIncomplete Logic DatabasesDissertationzur Erlangung des Grades einesDoktors der Naturwissenschaftender Technischen Universit¨at Dortmundan der Fakult¨at f¨ur InformatikvonTorben WeibertDortmund2008Tag der mu¨ndlichen Pru¨fung: 7. Februar 2008Dekan: Prof. Dr. Peter Buchholz1. Gutachter: Prof. Dr. Joachim Biskup2. Gutachter: Prof. Dr. Gabriele Kern-IsbernerAbstractSecurity in information systems aims at various, possibly conflicting goals, two of whichare availablility and confidentiality. On the one hand, as much information as possibleshouldbeprovidedtotheuser. Ontheotherhand,certaininformationmaybeconfidentialandmustnotbedisclosed. Inthiscontext, inferencesareamajorproblem: Theusermightcombine a priori knowledge and public information gained from the answers in order toinfer secret information.Controlled Query Evaluation (CQE) is a dynamic, policy-driven mechanism for theenforcement of confidentiality in information systems, namely by the distortion of certainanswers, by means of either lying or refusal. CQE prevents harmful inferences, and triestoprovidethebestpossibleavailability whilestillpreservingconfidentiality. Inthisthesis,we present a framework for Controlled Query Evaluation in incomplete logic databases.In the first part of the thesis, we consider CQE from a declarative point of view.