Providing Security and Interoperation of Heterogeneous Systems



Interoperation and information sharing among databases independently developed and maintained by different organizations is today a pressing need, if not a practice. Governmental, military, financial, medical, and private institutions are more and more required to become part of a distributed infrastructure and selectively share their data with other organizations. This sharing process inevitably opens the local system to new vulnerabilities and enlarges the space of possible threats to the data and resources it maintains. As a complicating factor, in general, data sources are heterogeneous both in the data models they adopt and in the security models by which protection requirements are stated. We present a modeling and architectural solution to the problem of providing interoperation while preserving autonomy and security of the local sources based on the use of wrappers and a mediator. A wrapper associated with each source provides a uniform data interface and a mapping between the source’s security lattice and other lattices. The mediator processes global access requests by interfacing applications and data sources. The combination of wrappers and mediator thus provides a uniform data model interface and allows the mapping between restrictions stated by the different security policies. We describe the practical application of these ideas to the problem of trusted interoperation of health care databases, targeted to enforcing security in distributed applications referring to independent heterogeneous sources protected by mandatory policy restrictions. We describe the architecture and operation of the system developed, and describe the tasks of the different components.

Key words

secure interoperation mandatory access control query processing 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    D.E. Bell and L.J. La Padula, “Secure computer systems: Unified exposition and multics interpretation,” Technical Report, The Mitre Corp., 1974.Google Scholar
  2. 2.
    J. Biskup, U. Regel, and Y. Karabulut, “Secure mediation: Requirements and design,” in Database Security XII: Status and Prospects, Sushil Jajodia (Ed.), Kluwer, 1999.Google Scholar
  3. 3.
    P. Bonatti, M.L. Sapino, and V.S. Subrahmanian, “Merging heterogeneous security orderings,” in Proc. 4th European Symp. on Research in Computer Security (ESORICS 96), Rome, Italy, September 1996.Google Scholar
  4. 4.
    K.S. Candan, S. Jajodia, and V.S. Subrahmanian, “Secure mediated databases,” in Proc. 12th International Conference on Data Engineering (1CDE ′96) New Orleans, Lousiana, February 1996.Google Scholar
  5. 5.
    S. Dawson, “Optimization techniques for trusted semantic interoperation,” Technical Report, SRI International, November 1997.Google Scholar
  6. 6.
    S. Dawson, J. Gryz, and X. Qian, “Query folding with functional dependencies,” Technical Report, SRI International, 1996.Google Scholar
  7. 7.
    S. Dawson and X. Qian, “Query mediation for trusted database interoperation,” in Proc. 1997 DoD Database Colloquium, San Diego, CA, September 1997.Google Scholar
  8. 8.
    S. Dawson, S. Qian, and P. Samarati, “Secure interoperation of heterogeneous systems: A mediator-based approach,” in Proc. of the IFIP 14th International Conference on Information Security (SEC′98), Vienna-Budapest, 31 August-2 September, 1998.Google Scholar
  9. 9.
    D.E. Denning, T.F. Lunt, R. Schell, M. Heckman, and S. Shockley, “Secure distributed data view (SeaView)—the Sea View formal security policy model,” Technical Report, SRI International, July 1987.Google Scholar
  10. 10.
    S. De Capitani di Vimercati and P. Samarati, “Authorization specification and enforcement in federated database systems,” Journal of Computer Security, vol. 5, no. 2, pp. 155–188, 1997.Google Scholar
  11. 11.
    L. Gong and X. Qian, “Computational issues in secure interoperation,” IEEE Transactions on Software Engineering, vol. 22, no. 1, pp. 43–52, January 1996.CrossRefGoogle Scholar
  12. 12.
    D. Jonscher and K.R. Dittrich, “An approach for building secure database federations,” in Proc. 20th VLDB Conference, Santiago, Chile, 1994.Google Scholar
  13. 13.
    D. Jonscher and K.R. Dittrich, “Argos—A configurable access control subsystem which can propagate access rights,” in Proc. 9th IFIP Working Conference on Database Security, Rensselaerville, New York, August 1995.Google Scholar
  14. 14.
    A.Y. Levy, A. Rajaraman, and J.J. Ordille, “Querying heterogeneous information sources using source descriptions,” in Proc. of the 22nd International Conference on Very Large Databases (VLDB′96), Mumbay, India, September 1996, pp. 251–262.Google Scholar
  15. 15.
    M. Morgenstern, T.F. Lunt, B. Thuraisingham, and D.L. Spooner. Security issues in federated database systems: Panel contributions, in Database Security, V: Status and Prospects, C. E. Landwehr and S. Jajodia (Eds.), IFIP, Shepherds Town, West Virginia, 1992, pp. 131–148.Google Scholar
  16. 16.
    M.S. Olivier, “A multilevel secure federated database,” in Proc. 9th IFIP Working Conference on Database Security, Rensselaerville, New York, August 1995, pp. 23–38.Google Scholar
  17. 17.
    Y. Papakostantantinou, S. Abiteboul, and H. Garcia-Molina, “Object fusion in mediator systems,” in Proc. 22nd International Conference on Very Large Databases (VLDB′96), Mumbay, India, September 1996.Google Scholar
  18. 18.
    X. Qian, “Query folding,” in Proc. Twelfth International Conference on Data Engineering, 1996, pp. 48–55.Google Scholar
  19. 19.
    X. Qian and T. Lunt, “Semantic interoperation: A query mediation approach,” Technical Report TR 94-02, SRI International, 1994.Google Scholar
  20. 20.
    A.P. Sheth and J.A. Larson, “Federated database systems for managing distributed, heterogeneous, and autonomous databases,” ACM Computing Surveys, vol. 22, no. 3, 1990, pp. 183–236.CrossRefGoogle Scholar
  21. 21.
    B. Thuraisingham and H.H. Rubinovitz, “Multilevel security issues in distributed database management systems III,” Computers & Security, vol. 11, pp. 661–674, 1992.CrossRefGoogle Scholar
  22. 22.
    C.Y. Wang and D.L. Spooner, “Access control in a heterogeneous distributed database management system,” in IEEE 6th Symp. on Reliability in Distributed Software and Database Systems, Williamsburg, 1987, pp. 84–92.Google Scholar
  23. 23.
    G. Wiederhold, “Mediators in the architecture of future information systems,” IEEE Computer, vol. 25, no. 3, March 1992, pp. 38–49.CrossRefGoogle Scholar
  24. 24.
    G. Wiederhold, M. Bilello, and C. Donahue, “Web implementation of a security mediator for medical databases,” in Database Security XI: Status and Prospects, T.Y. Lin and S. Qian (Eds.), Chapman & Hall, 1998, pp. 60–72.Google Scholar
  25. 25.
    G. Wiederhold, M. Bilello, V. Sarathy, and X. Qian, “A security mediator for health care information,” in Proc. 1996 AMIA Conference, lournal of the AMIA, Washington, DC, October 1998, pp. 120–124.Google Scholar
  26. 26.
    M. Winslett, N. Ching, V. Jones, and Slepchin, “Using digital credentials on the world wide web,” Journal of Computer Security, vol. 5, no. 3, pp. 255–267, 1997.Google Scholar

Copyright information

© Springer Science+Business Media New York 2000

Authors and Affiliations

  1. 1.Computer Science Laboratory, SRI InternationalMenlo ParkUSA
  2. 2.SecureSoft, Inc.Redwood ShoresUSA
  3. 3.Dip. Scienze Informazione, Polo di CremaUniversità di MilanoCremaItaly

Personalised recommendations