Security in distributed digital libraries: issues and challenges

Providing security for digital libraries is challenging due to their dynamic and distributed nature. The need for security for digital libraries arises from legal, social and sensitivity issues of information. Increased dependence on agent-based architectures for digital libraries and peer-to-peer communications makes them more vulnerable to security threats. Thus, evolving a comprehensively secure distributed digital library system is challenging. In addition to the security guarantees, performance guarantees such as convenience in usage, minimal response time, and high throughput are also required of these systems. In this paper, we address the issues of integrating performance and security in digital libraries. We discuss a variety of security tools that are currently available and their impact on security and performance of digital library systems.

[1]  Butler W. Lampson,et al.  SPKI Certificate Theory , 1999, RFC.

[2]  Clifford A. Lynch,et al.  Interoperability, Scaling, and the Digital Libraries Research Agenda. , 1996 .

[3]  William P. Birmingham,et al.  An agent-based architecture for digital libraries , 1995, D Lib Mag..

[4]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[5]  Stephen Farrell,et al.  Internet X.509 Public Key Infrastructure Certificate Management Protocols , 1999, RFC.

[6]  William E. Johnston,et al.  Authorization and attribute certificates for widely distributed access control , 1998, Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).

[7]  Clifford A. Lynch,et al.  Report on the May 18-19 1995 IITA Digital Libraries Workshop: Final Draft for Participant Review, August 4, 1995 , 1997 .

[8]  Rolf Oppliger,et al.  Using Attribute Certificates to Implement Role-based Authorization and Access Controls , 2000 .

[9]  William J. Caelli,et al.  Non-Repudiation in the Digital Environment , 2000, First Monday.

[10]  Ariel Glenn,et al.  Access Management of Web-based Services: An Incremental Approach to Cross-organizational Authentication and Authorization , 1998, D Lib Mag..

[11]  David W. Chadwick An X.509 Role Based Privilege Management Infrastructure , 2001 .

[12]  Henry M. Gladney,et al.  Authorization management for digital libraries , 2001, CACM.

[13]  Ravi Sandhu Access Control: The Neglected Frontier , 1996, ACISP.