Skip to main content

A Role-Based Model for Access Control in Database Federations

  • Conference paper
  • First Online:
Information and Communications Security (ICICS 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2229))

Included in the following conference series:

Abstract

Data access security in federated information systems with loose coupling among local data sources is hard to achieve mainly for two reasons: local data information source heterogeneity (data models, access security models, semantics), local autonomy which do not allow to create a global integrated consistent security schema. To solve some of such problems we propose a role-based object model to describe the local data access security schemas (discretionary and non-discretionary models). Interoperability among the various local data sources is achieved by a rich descriptive layer at the federated level. The global security policy allows to define the choices concerning information flow control both for importation (from the federation to a local system) and exportation (from a local system to the federation).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Dubois G., Boulanger D.: Semantic Cooperation of Legacy Information Systems: an Object-Oriented Framework. Workshop on Database and Expert Systems Applications (DEXA’97), Toulouse, France, 1-2 Septembre (1997).

    Google Scholar 

  2. Shet A.P., Larson J.A.: Federated Database Systems for Managing Distributed Heterogeneous and Autonomous Databases. ACM Computing Surveys vol.22 n°3, 1990.

    Google Scholar 

  3. Goyal M.L., Singh G.V.: Access Control In Heterogeneous Database Management Systems. Computers and Security, 10(7), North-Holland, 1991.

    Google Scholar 

  4. Jonscher D., Dittrich K.R.: An Approach for Building Secure Database Federations. Int.’l Conf. On Very Large Databases, Santiago, 1994.

    Google Scholar 

  5. Olivier M.S.: A Multilevel Secure Federated Database. Database Security VII, North-Holland, 1994.

    Google Scholar 

  6. Sandhu R. S.: Role Hierarchies and Constraints for Lattice-based Access Controls. Fourth European Symposium on Research in Computer Security, Rome, Italy, 1996.

    Google Scholar 

  7. Sandhu R. S., Munawer Q.: How to do Discretionary Access Control Using Roles. ACM Role-Based Access Control Workshop, 1998.

    Google Scholar 

  8. Pernul G.: Canonical Security Modelling for Federated Databases. Interoperable Database Systems, North-Holland, 1993.

    Google Scholar 

  9. Tari Z., Fernandez G.: Security Enforcement in the DOK Federated Database System. Database Security X, 1997.

    Google Scholar 

  10. Castano S., Martella G. and Samarati P.: Analysis, comparison and design of role-based security specifications. Data & Knowledge Engineering 21, 1997.

    Google Scholar 

  11. Boulanger D., Dubois G.: An Object Approach for Information System Cooperation. Information Systems vol. 23, n°6, 1998.

    Google Scholar 

  12. Boulanger D., Disson E., Dubois G.: Object-Oriented Metadata for Secured Cooperation of Legacy Information Systems. International Workshop on Model engineering IWME’00, Sophia-Antipolis and Cannes, France, 12-16th June 2000.

    Google Scholar 

  13. Disson E.: A Role-based Access Model for Federated Databases Security. Poster session ESORICS 2000, Toulouse, 4-6th October 2000.

    Google Scholar 

  14. Nyanchama M., Osborn S.: Modeling mandatory access control in role-based security systems. Database Security VIII: Status and Prospects. Chapman-Hall, 1996.

    Google Scholar 

  15. Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E.: Role-Based Access Control Model. IEEE Computer, Vol 29, n°2, 1996.

    Google Scholar 

  16. Lampson B.W.: Protection. Princeton Symposium of Information Science and Systems. 1971.

    Google Scholar 

  17. Bell D.E., LaPadula L.J.: Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report MTR-2997, MITRE Corp., Bedford, Mass, 1976.

    Google Scholar 

  18. OMG, Unified Modeling Language Specification, version 1.3, March 2000.

    Google Scholar 

  19. Jajodia S., Kogan B.: Integrating an object-oriented data model with multi-level security. IEE Symposium on Security and Privacy, 1990.

    Google Scholar 

  20. Millen J.K., Lunt T.F.: Security for Object-Oriented Database Systems. IEEE Symposium on Research in Security and Privacy, 1992.

    Google Scholar 

  21. Keefe T., Tsai W.: Prototyping the SODA Security Model. Database Security III: Status and Prospects, North-Holland, 1990.

    Google Scholar 

  22. Lunt T.F.: Multilevel Security for Object-Oriented Database Systems. Database Security III: Status and Prospects, North-Holland, 1990.

    Google Scholar 

  23. Denning D.E.: Secure distributed data views: the Sea View formal security model. Technical Report A003 SRI International, 1987.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Disson, E., Boulanger, D., Dubois, G. (2001). A Role-Based Model for Access Control in Database Federations. In: Qing, S., Okamoto, T., Zhou, J. (eds) Information and Communications Security. ICICS 2001. Lecture Notes in Computer Science, vol 2229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45600-7_47

Download citation

  • DOI: https://doi.org/10.1007/3-540-45600-7_47

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42880-0

  • Online ISBN: 978-3-540-45600-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics