Abstract
Mediation is a powerful paradigm for advanced interoperable information systems. This paper presents the security module of the multimedia mediator, which enforces a previously reported approach to secure mediation. In this approach, a user submits cryptographically signed credentials containing both personal authorization attributes and his public encryption key; data sources decide on query access on the basis of the personal authorization attributes shown, and return encrypted answers. The security module uniformly represents the query access authorizations of the sources, controls the intermediate usage of credentials, assists users in submitting appropriate credentials, selects and forwards credentials for subqueries, and exploits credentials for query optimization.
Copyright information
© 2002 Kluwer Academic Publishers
About this chapter
Cite this chapter
Altenschmidt, C., Biskup, J., Karabulut, Y. (2002). Security Architecture of The Multimedia Mediator. In: Thuraisingham, B., van de Riet, R., Dittrich, K.R., Tari, Z. (eds) Data and Application Security. IFIP International Federation for Information Processing, vol 73. Springer, Boston, MA. https://doi.org/10.1007/0-306-47008-X_7
DOI: https://doi.org/10.1007/0-306-47008-X_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7514-2
Online ISBN: 978-0-306-47008-0
eBook Packages: Springer Book Archive