Database Security XII

Dealing with informational assurances we have to consider the full complexity of the information society. In a narrower sense informational assurances comprise informational rights, the related legal and social rules as well as the enforcing technical mechanisms. The right of privacy, understood as informational self-determination, is taken as an important example. Starting from a discussion of present shortcomings in technically enforcing this right, we outline some recent developments in the German and European legislation concerning privacy, teleservices and digital signatures. Also some selected mechanisms for improving the technical enforcement are evaluated, including federated system structure and local security autonomy, cryptographic protocols enabling cooperation under threats, and the tamper resistant hardware foundation. Finally, we advocate the shift from the traditional paradigm of reference books implemented as centralized databases to the new paradigm of communicating personal data agents. The new paradigm is devised to enhance the data subject's means to technically enforce the interests concerning privacy.

[1]  Won Kim,et al.  Introduction to Object-Oriented Databases , 1991, Computer systems.

[2]  Birgit Pfitzmann,et al.  Anonymous Fingerprinting , 1997, EUROCRYPT.

[3]  ServicesGio,et al.  The Conceptual Basis for Mediation , 1996 .

[4]  Neal R. Wagner,et al.  Encrypted Database Design: Specialized Approaches , 1986, 1986 IEEE Symposium on Security and Privacy.

[5]  Daniel G. Bobrow,et al.  Object-Oriented Programming: Themes and Variations , 1989, AI Mag..

[6]  Martín Abadi,et al.  Secure network objects , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[7]  Patrick Valduriez,et al.  Scaling heterogeneous databases and the design of Disco , 1996, Proceedings of 16th International Conference on Distributed Computing Systems.

[8]  Ehud Gudes,et al.  A Model for Evaluation and Administration of Security in Object-Oriented Databases , 1994, IEEE Trans. Knowl. Data Eng..

[9]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[10]  Ehud Gudes,et al.  Compile-Time Flow Analysis of Transactions and Methods in Object-Oriented Databases , 1997, DBSec.

[11]  Gio Wiederhold,et al.  Mediators in the architecture of future information systems , 1992, Computer.

[12]  Calton Pu,et al.  The distributed interoperable object model and its application to large-scale interoperable database systems , 1995, CIKM '95.

[13]  Elisa Bertino,et al.  Information Flow Control in Object-Oriented Systems , 1997, IEEE Trans. Knowl. Data Eng..

[14]  Ehud Gudes,et al.  Security Policies in Object-Oriented Databases , 1989, DBSec.

[15]  Bhavani M. Thuraisingham,et al.  A Fine-grained Access Control Model for Object-Oriented DBMSs , 1994, DBSec.

[16]  Ehud Gudes,et al.  A Model of Methods Access Authorization in Object-oriented Databases , 1993, VLDB.

[17]  Eduardo Mena Nieto Observer: an approach for query processing in global information systems based on interoperation across pre-existing ontologies , 1999 .

[18]  Yves Deswarte,et al.  An authorization scheme for distributed object systems , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[19]  Jeffrey D. Ullman,et al.  Information integration using logical views , 1997, Theor. Comput. Sci..

[20]  Martin S. Olivier,et al.  A taxonomy for secure object-oriented databases , 1994, TODS.

[21]  Marianne Winslett,et al.  Internet Credential Acceptance Policies , 1997, APPIA-GULP-PRODE.

[22]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[23]  Martin S. Olivier Self-protecting Objects in a Secure Federated Database , 1995, DBSec.

[24]  Elisa Bertino,et al.  A model of authorization for next-generation database systems , 1991, TODS.

[25]  Klaus R. Dittrich,et al.  Argos - A Configurable Access Control System for Interoperable Environments , 1995, DBSec.

[26]  Gio Wiederhold,et al.  Web Implementation of a Security Mediator for Medical Databases , 1997, DBSec.