Providing Security and Interoperation of HeterogeneousSystems

Authors:
Steven Dawson;Shelly Qian;Pierangela Samarati
Affiliations:
Computer Science Laboratory, SRI International, Menlo Park, CA 94025, USA. dawson@csl.sri.com;SecureSoft, Inc., 275 Shoreline Dr., Suite 520, Redwood Shores, CA 94065, USA. sqian@securesoft.com;Università di Milano, Dip. Scienze Informazione, Polo di Crema, 26013 Crema, Italy. samarati@dsi.unimi.it
Venue:
Distributed and Parallel Databases - Security of data and transaction processing
Year:
2000

Citing 15
Cited 23

Federated database systems for managing distributed, heterogeneous, and autonomous databases

ACM Computing Surveys (CSUR) - Special issue on heterogeneous databases
Mediators in the Architecture of Future Information Systems

Computer
Multilevel security issues in distributed database management systems—III

Computers and Security
Computational Issues in Secure Interoperation

IEEE Transactions on Software Engineering
Using digital credentials on the World Wide Web

Journal of Computer Security - Special issue on security in the World Wide Web
Authorization specification and enforcement in federated database systems

Journal of Computer Security
Secure Mediated Databases

ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
Query Folding

ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
An Approach for Building Secure Database Federations

VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Querying Heterogeneous Information Sources Using Source Descriptions

VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Object Fusion in Mediator Systems

VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Security Issues in Federated Database Systems: Panel Contributions

Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Web Implementation of a Securtty Mediator for Medical Databases

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Secure Mediation: Requirements and Design

Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects
Merging Heterogeneous Security Orderings

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security

Maintaining the confidentiality of interoperable databases with a multilevel federated security system

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Secure mediation: requirements, design, and architecture

Journal of Computer Security - IFIP 2000
Mediation security specification and enforcement for heterogeneous databases

Proceedings of the 2005 ACM symposium on Applied computing
Secure Interoperation in a Multidomain Environment Employing RBAC Policies

IEEE Transactions on Knowledge and Data Engineering
Secure collaboration in mediator-free environments

Proceedings of the 12th ACM conference on Computer and communications security
X-gtrbac admin: A decentralized administration model for enterprise-wide access control

ACM Transactions on Information and System Security (TISSEC)
Privacy-preserving semantic interoperation and access control of heterogeneous databases

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies
Semantic access control for information interoperation

Proceedings of the eleventh ACM symposium on Access control models and technologies
Web services discovery in secure collaboration environments

ACM Transactions on Internet Technology (TOIT)
A Secure Mediator for Integrating Multiple Level Access Control Policies

KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
Security Violation Detection for RBAC Based Interoperation in Distributed Environment

IEICE - Transactions on Information and Systems
Separation of Duty in Trust-Based Collaboration

Information Security and Cryptology
Secure Interoperation in Multidomain Environments Employing UCON Policies

ISC '09 Proceedings of the 12th International Conference on Information Security
Handling inheritance violation for secure interoperation of heterogeneous systems

International Journal of Security and Networks
Privacy-preserving schema matching using mutual information

Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Establishing RBAC-based secure interoperability in decentralized multi-domain environments

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Mediator-free secure policy interoperation of exclusively-trusted multiple domains

ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Privacy-preserving query checking in query middleware

FSKD'09 Proceedings of the 6th international conference on Fuzzy systems and knowledge discovery - Volume 1
A secure collaboration service for dynamic virtual organizations

Information Sciences: an International Journal
Cluster-and-conquer: hierarchical multi-metric query processing in large-scale database federations

Proceedings of the Fourteenth International Database Engineering & Applications Symposium
An interoperation framework for secure collaboration among organizations

Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Secure interoperation design in multi-domains environments based on colored Petri nets

Information Sciences: an International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Interoperation and information sharing among databasesindependently developed and maintained by different organizations istoday a pressing need, if not a practice. Governmental, military,financial, medical, and private institutions are more and morerequired to become part of a distributed infrastructure andselectively share their data with other organizations. This sharingprocess inevitably opens the local system to new vulnerabilities andenlarges the space of possible threats to the data and resources itmaintains. As a complicating factor, in general, data sources areheterogeneous both in the data models they adopt and in the securitymodels by which protection requirements are stated. We present amodeling and architectural solution to the problem of providinginteroperation while preserving autonomy and security of the localsources based on the use of wrappers and a mediator. A wrapperassociated with each source provides a uniform data interface and amapping between the source's security lattice and other lattices. The mediator processes global access requests by interfacingapplications and data sources. The combination of wrappers andmediator thus provides a uniform data model interface and allows themapping between restrictions stated by the different securitypolicies. We describe the practical application of these ideas tothe problem of trusted interoperation of health care databases,targeted to enforcing security in distributed applications referringto independent heterogeneous sources protected by mandatory policyrestrictions. We describe the architecture and operation of thesystem developed, and describe the tasks of the different components.