Abstract
Data access security in federated information systems with loose coupling among local data sources is hard to achieve mainly for two reasons: local data information source heterogeneity (data models, access security models, semantics), local autonomy which do not allow to create a global integrated consistent security schema. To solve some of such problems we propose a role-based object model to describe the local data access security schemas (discretionary and non-discretionary models). Interoperability among the various local data sources is achieved by a rich descriptive layer at the federated level. The global security policy allows to define the choices concerning information flow control both for importation (from the federation to a local system) and exportation (from a local system to the federation).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Dubois G., Boulanger D.: Semantic Cooperation of Legacy Information Systems: an Object-Oriented Framework. Workshop on Database and Expert Systems Applications (DEXA’97), Toulouse, France, 1-2 Septembre (1997).
Shet A.P., Larson J.A.: Federated Database Systems for Managing Distributed Heterogeneous and Autonomous Databases. ACM Computing Surveys vol.22 n°3, 1990.
Goyal M.L., Singh G.V.: Access Control In Heterogeneous Database Management Systems. Computers and Security, 10(7), North-Holland, 1991.
Jonscher D., Dittrich K.R.: An Approach for Building Secure Database Federations. Int.’l Conf. On Very Large Databases, Santiago, 1994.
Olivier M.S.: A Multilevel Secure Federated Database. Database Security VII, North-Holland, 1994.
Sandhu R. S.: Role Hierarchies and Constraints for Lattice-based Access Controls. Fourth European Symposium on Research in Computer Security, Rome, Italy, 1996.
Sandhu R. S., Munawer Q.: How to do Discretionary Access Control Using Roles. ACM Role-Based Access Control Workshop, 1998.
Pernul G.: Canonical Security Modelling for Federated Databases. Interoperable Database Systems, North-Holland, 1993.
Tari Z., Fernandez G.: Security Enforcement in the DOK Federated Database System. Database Security X, 1997.
Castano S., Martella G. and Samarati P.: Analysis, comparison and design of role-based security specifications. Data & Knowledge Engineering 21, 1997.
Boulanger D., Dubois G.: An Object Approach for Information System Cooperation. Information Systems vol. 23, n°6, 1998.
Boulanger D., Disson E., Dubois G.: Object-Oriented Metadata for Secured Cooperation of Legacy Information Systems. International Workshop on Model engineering IWME’00, Sophia-Antipolis and Cannes, France, 12-16th June 2000.
Disson E.: A Role-based Access Model for Federated Databases Security. Poster session ESORICS 2000, Toulouse, 4-6th October 2000.
Nyanchama M., Osborn S.: Modeling mandatory access control in role-based security systems. Database Security VIII: Status and Prospects. Chapman-Hall, 1996.
Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E.: Role-Based Access Control Model. IEEE Computer, Vol 29, n°2, 1996.
Lampson B.W.: Protection. Princeton Symposium of Information Science and Systems. 1971.
Bell D.E., LaPadula L.J.: Secure Computer System: Unified Exposition and Multics Interpretation. Technical Report MTR-2997, MITRE Corp., Bedford, Mass, 1976.
OMG, Unified Modeling Language Specification, version 1.3, March 2000.
Jajodia S., Kogan B.: Integrating an object-oriented data model with multi-level security. IEE Symposium on Security and Privacy, 1990.
Millen J.K., Lunt T.F.: Security for Object-Oriented Database Systems. IEEE Symposium on Research in Security and Privacy, 1992.
Keefe T., Tsai W.: Prototyping the SODA Security Model. Database Security III: Status and Prospects, North-Holland, 1990.
Lunt T.F.: Multilevel Security for Object-Oriented Database Systems. Database Security III: Status and Prospects, North-Holland, 1990.
Denning D.E.: Secure distributed data views: the Sea View formal security model. Technical Report A003 SRI International, 1987.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Disson, E., Boulanger, D., Dubois, G. (2001). A Role-Based Model for Access Control in Database Federations. In: Qing, S., Okamoto, T., Zhou, J. (eds) Information and Communications Security. ICICS 2001. Lecture Notes in Computer Science, vol 2229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45600-7_47
Download citation
DOI: https://doi.org/10.1007/3-540-45600-7_47
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42880-0
Online ISBN: 978-3-540-45600-1
eBook Packages: Springer Book Archive