Abstract
Global authorizations in federated database systems can be derived from local authorizations exported by component databases. This paper addresses problems related to the development of techniques for the analysis of local authorizations and for the construction of global authorizations where semantic correspondences between subjects in different component databases are identified on the basis of authorization compatibility. Abstraction of compatible authorizations is discussed to semi-automatically derive global authorizations that are consistent with the local ones.
Chapter PDF
Similar content being viewed by others
Keywords
References
Batini,C., Lenzerini, M., and Navathe, S. (1986) A Comprehensive Analysis of Methodologies for Database Schema Integration, ACM Computing Surveys, 18 (4).
Bright, M.W., Hurson, A.R., and Pakzad, S. (1994) Automated Resolution of Semantic Heterogeneity in Multidatabases, ACM Transactions On Database Systems, 19 (2).
Castano, S. and Samarati, P. (1992) An Object-Oriented Security Model for Office Environments, in Proc. of the 1992 IEEE Int. Carnahan Conference on Security Technology, Canada.
Castano, S., Martella, G., and Samarati, P. (1994) A New Approach to Security System Development, in Proc. of 3rd ACM Workshop on New Security Paradigms, Little Compton, Rhode Island.
Castano, S., Fugini, M.G., Martella, G., and Samarati, P. (1995) Database Security Addison-Wesley.
Everitt, B. (1974) Cluster Analysis, Heinemann Educational Books Ltd, Social Science Research Council.
Fernandez, E.B., Wu, J., and Fernandez, M.H. (1994) User Group Structures in Object-Oriented Database Authorizations, in Proc. Working Conference on Database Security, IFIP WG 11.3, J. Biskup, M. Morgenstern, and C. Landewhr (eds.).
Idris, N.B., Qutaishat, M.A., and Gray, W.A. (1994) Integration of Secrecy Features in a Federated Database Environment, in Database security, VII: status and prospects, North-Holland.
Jonscher, D. and Dittrich, K.R. (1993) Access Control for Database Federation—A Discussion of the State-of-the-Art, in Proc. of the DBTA Workshop on Interoperability of Database Systems and Database Applications, Fribourg, Switzerland.
Jonscher, D. and Dittrich, K.R. (1994) An Approach for Building Secure Database Federations, in Proc. of the 20th Int. Conference on Very Large Databases (VLDB), Santiago, Chile.
Jonscher, D. and Dittrich, K.R. (1995) Argos—A Configurable Access Control Subsystem Which Can Propogate Access Rights, in Proc. of 9th IFIP Working Conference on Database Security, IFIP WG 11. 3, Rensselaerville, New York, USA.
Kim, W., Choi, I., Gala, S., and Scheevel, M. (1995) On Resolving Schematic Heterogeneity in Multidatabase Systems, in Modern Database Systems-The Object Model, Interoperability and Beyond W. Kim (ed. ), ACM Press.
Hammer, J. and McLeod, D. (1993) An Approach to Resolving Semantic Heterogeneity in a Federation of Autonomous Heterogeneous Database Systems, Intern. Journal of Intelligent and Cooperative Information Systems, 2 (1).
Lochovsky, F. H. and Woo, C. C. (1988) Role-Based Security in Database Management Systems, in Database Security: Status and Prospects, C. Landwehr (eds. ), North-Holland.
Morgenstern, M., Lunt, T. F., Thuraisingham, B., and Spooner, D.L. (1992) Security Issues in Federated Database Systems: Panel Contributions, in Database security, V: status and prospects C.E. Landwehr and S. Jajodia (eds.), North-Holland.
Rabitti, F., Bertino, E., Kim, W., and Woelk, D. (1991) A Model of Authorization for Next-Generation Database Systems, ACM-Trans. On Database Systems 16(1).
J. Rumbaugh, et al., (1991) Object-Oriented Modeling and Design Prentice-Hall International, Inc..
G. Salton, (1989) Automatic text processing—The transformation, analysis and retrieval of information by computer Addison-Wesley.
Sheth A.P. and Larson, J.P. (1990) Federated Database Systems for Managing Distributed, Heterogeneous, and Autonomous Databases, ACM Computing Surveys, 22 (3).
Siegel, M. and Madnick, S.E. (1991) A Metadata Approach to Resolving Semantic Conflicts, in Proc. of the 17th Int. Conference on Very Large Databases (VLDB), Barcelona.
Spaccapietra, S., Parent, C., and Dupont, Y. (1992) Model Independent Assertions for Integration of Heterogeneous Schemas, VLDB Journal, 1.
Templeton, M., Lund, E., and Ward, P. (1987) Pragmatics of Access Control in Mermaid, Data Engineering, 10 (3).
Wang, C.Y., and Spooner, D.L. (1987) Access Control in a Heterogeneous Distributed Database Management System, in Proc. of 6th IEEE Symposium on Reliability in Distributed Software and Database Sytems, Williamsburg, VA.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Castano, S. (1997). An Approach To Deriving Global Authorizations in Federated Database Systems. In: Samarati, P., Sandhu, R.S. (eds) Database Security. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35167-4_5
Download citation
DOI: https://doi.org/10.1007/978-0-387-35167-4_5
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2900-8
Online ISBN: 978-0-387-35167-4
eBook Packages: Springer Book Archive