论文信息 - Security Administration for Federations, Warehouses, and other Derived Data

Security Administration for Federations, Warehouses, and other Derived Data

Security administration is harder in databases that have multiple layers of derived data, such as federations, warehouses, or systems with many views. Meta-data (e.g., security requirements) expressed at each layer must be visible and understood at the other layer. We describe several use cases in which layers negotiate to reconcile their business requirements. The sources must grant enough privileges for the derived layer to support the applications; the derived layer must enforce enough restrictions so that the sources’ concerns are met; and the relationship between the privileges at source and derived layer must be visible and auditable.

[1] Silvana Castano,et al. Database Security , 1997, IFIP Advances in Information and Communication Technology.

[2] Stephen R. Gardner. Building the data warehouse , 1998, CACM.

[3] Michael Stonebraker,et al. Implementation of integrity constraints and views by query modification , 1975, SIGMOD '75.

[4] Divesh Srivastava,et al. Answering Queries with Aggregation Using Views , 1996, VLDB.

[5] Patrick Valduriez,et al. Principles of Distributed Database Systems , 1990 .

[6] 宮崎耕,et al. W. H. Inmon, Building the Data Warehouse , 1993 .

[7] Arnon Rosenthal,et al. First-class views: a key to user-centered computing , 1999, SGMD.

[8] Arnon Rosenthal,et al. Propagating Integrity Information among Interrelated Databases , 1998, IICIS.

[9] Bhavani Thuraisingham,et al. Security Constraints in a Multilevel Secure Distributed Database Management System , 1995, IEEE Trans. Knowl. Data Eng..

[10] Arthur M. Keller,et al. The Role of Semantics in Translating View Updates , 1986, Computer.

[11] Sabrina De Capitani di Vimercati,et al. Authorization Specification and Enforcement in Federated Database Systems , 1997, Journal of computing and security.

[12] Silvana Castano,et al. Automated Derivation of Global Authorizations for Database Federations , 1997, J. Comput. Secur..