Federated database systems for managing distributed, heterogeneous, and autonomous databases
ACM Computing Surveys (CSUR) - Special issue on heterogeneous databases
Multilevel security issues in distributed database management systems—III
Computers and Security
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
Authorization specification and enforcement in federated database systems
Journal of Computer Security
ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
An Approach for Building Secure Database Federations
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Querying Heterogeneous Information Sources Using Source Descriptions
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Object Fusion in Mediator Systems
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Security Issues in Federated Database Systems: Panel Contributions
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Web Implementation of a Securtty Mediator for Medical Databases
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Secure Mediation: Requirements and Design
Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects
Merging Heterogeneous Security Orderings
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Secure mediation: requirements, design, and architecture
Journal of Computer Security - IFIP 2000
Mediation security specification and enforcement for heterogeneous databases
Proceedings of the 2005 ACM symposium on Applied computing
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Secure collaboration in mediator-free environments
Proceedings of the 12th ACM conference on Computer and communications security
X-gtrbac admin: A decentralized administration model for enterprise-wide access control
ACM Transactions on Information and System Security (TISSEC)
Privacy-preserving semantic interoperation and access control of heterogeneous databases
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Semantic access control for information interoperation
Proceedings of the eleventh ACM symposium on Access control models and technologies
Web services discovery in secure collaboration environments
ACM Transactions on Internet Technology (TOIT)
A Secure Mediator for Integrating Multiple Level Access Control Policies
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
Security Violation Detection for RBAC Based Interoperation in Distributed Environment
IEICE - Transactions on Information and Systems
Separation of Duty in Trust-Based Collaboration
Information Security and Cryptology
Secure Interoperation in Multidomain Environments Employing UCON Policies
ISC '09 Proceedings of the 12th International Conference on Information Security
Handling inheritance violation for secure interoperation of heterogeneous systems
International Journal of Security and Networks
Privacy-preserving schema matching using mutual information
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Establishing RBAC-based secure interoperability in decentralized multi-domain environments
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Mediator-free secure policy interoperation of exclusively-trusted multiple domains
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Privacy-preserving query checking in query middleware
FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 1
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
Cluster-and-conquer: hierarchical multi-metric query processing in large-scale database federations
Proceedings of the Fourteenth International Database Engineering & Applications Symposium
An interoperation framework for secure collaboration among organizations
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Secure interoperation design in multi-domains environments based on colored Petri nets
Information Sciences: an International Journal
Hi-index | 0.00 |
Interoperation and information sharing among databasesindependently developed and maintained by different organizations istoday a pressing need, if not a practice. Governmental, military,financial, medical, and private institutions are more and morerequired to become part of a distributed infrastructure andselectively share their data with other organizations. This sharingprocess inevitably opens the local system to new vulnerabilities andenlarges the space of possible threats to the data and resources itmaintains. As a complicating factor, in general, data sources areheterogeneous both in the data models they adopt and in the securitymodels by which protection requirements are stated. We present amodeling and architectural solution to the problem of providinginteroperation while preserving autonomy and security of the localsources based on the use of wrappers and a mediator. A wrapperassociated with each source provides a uniform data interface and amapping between the source's security lattice and other lattices. The mediator processes global access requests by interfacingapplications and data sources. The combination of wrappers andmediator thus provides a uniform data model interface and allows themapping between restrictions stated by the different securitypolicies. We describe the practical application of these ideas tothe problem of trusted interoperation of health care databases,targeted to enforcing security in distributed applications referringto independent heterogeneous sources protected by mandatory policyrestrictions. We describe the architecture and operation of thesystem developed, and describe the tasks of the different components.