论文信息 - Accès transparent et sécurisé à des données largement distribuées

Accès transparent et sécurisé à des données largement distribuées

Offrir un acces transparent et securise a un ensemble de ressources passe par la definition de logiciels de mediation qui rendent la complexite de l'architecture sous-jacente transparente a l'utilisateur en offrant des facilites de conception, d'integration, d'interrogation et d'administration permettant le partage de donnees et de programmes d'une maniere fiable et efficace. Un tres gros effort a ete mene ces vingt dernieres annees pour aider a la mise en œuvre de ces logiciels de mediation, que cela soit par la communaute bases de donnees ou par la communaute systemes distribues. Ces deux communautes adressent differemment le probleme de l'acces transparent et securise a des ressources largement distribuees, il est donc important aujourd'hui de comprendre la variabilite des solutions en termes de fonctionnalites, de design, d'algorithmes et d'architectures afin d'identifier les differentes dimensions du probleme. Ce memoire retrace l'ensemble de mes actives de recherche realisees a partir de 1992 au sein du theme SBD (Systemes et Bases de Donnees) du laboratoire PRISM de l'Universite de Versailles-St-Quentin, et depuis 2002, dans le cadre du projet SMIS (Secure & Mobile Information System) a l'INRIA. Il detaille les aspects pluridisciplinaires de l'acces transparent aux donnees comme la conception et le developpement de systemes de mediation de donnees pour l'interoperabilite de bases de donnees relationnelles, objets et XML, et la problematique d'acces aux donnees dans les systemes a objets distribues a l'aide d'annuaires. Il aborde egalement la problematique d'acces securise aux donnees, notamment dans un contexte XML. Ce memoire detaille l'ensemble de mes contributions scientifiques autour de ces trois themes, indique pour chacun d'eux le contexte historique de l'epoque et le replace vis-a-vis de l'existant. Pour conclure, il liste un ensemble de perspectives et directions de recherche a la lueur de mon experience pluridisciplinaire et du constat de l'adoption croissante de XML comme fondation technologique pour l'acces transparent et securise aux donnees largement distribuees.

Béatrice Finance | Béatrice Finance

[1] Ioana Manolescu,et al. Agora: Living with XML and Relational , 2000, VLDB.

[2] Béatrice Finance,et al. Privacy of medical records: from law principles to practice , 2005, 18th IEEE Symposium on Computer-Based Medical Systems (CBMS'05).

[3] Elisa Bertino,et al. Author-X: A Java-Based System for XML Data Protection , 2000, DBSec.

[4] Makoto Murata,et al. XML access control using static analysis , 2006, TSEC.

[5] Béatrice Finance,et al. Querying future telecommunication networks , 1998, International Conference on Information and Knowledge Management.

[6] a. gokhale,et al. Reinventing the Wheel ? CORBA vs . Web Services , 2006 .

[7] Dan Suciu,et al. Containment and equivalence for an XPath fragment , 2002, PODS.

[8] Günter Karjoth,et al. A privacy policy model for enterprises , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[9] Elisa Bertino,et al. On specifying security policies for web documents with an XML-based language , 2001, SACMAT '01.

[10] Laks V. S. Lakshmanan,et al. Querying network directories , 1999, SIGMOD '99.

[11] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.

[12] Reagan Moore,et al. Network Policy and Services: A Report of a Workshop on Middleware , 2000, RFC.

[13] Patrick Valduriez,et al. Scaling Access to Heterogeneous Data Sources with DISCO , 1998, IEEE Trans. Knowl. Data Eng..

[14] Elisa Bertino,et al. Securing XML Documents with Author-X , 2001, IEEE Internet Comput..

[15] Jerome Fessy,et al. Query Processing in IRO-DB , 1995, DOOD.

[16] Béatrice Finance,et al. The case for access control on XML relationships , 2005, CIKM '05.

[17] Tim Howes,et al. Lightweight Directory Access Protocol (v3) , 1997, RFC.

[18] Alon Y. Halevy,et al. Piazza: data management infrastructure for semantic web applications , 2003, WWW '03.

[19] Ian T. Foster,et al. Globus: a Metacomputing Infrastructure Toolkit , 1997, Int. J. High Perform. Comput. Appl..

[20] Donald Kossmann,et al. The state of the art in distributed query processing , 2000, CSUR.

[21] Michiharu Kudo,et al. Access-Condition-Table-Driven Access Control for XML Databases , 2004, ESORICS.

[22] Béatrice Finance,et al. IRO-DB: a distributed system federating object and relational databases , 1995 .

[23] Saïda Medjdoub,et al. Modèle de contrôle d'accès pour XML :"Application à la protection des données personnelles" , 2005 .

[24] Peter Fankhauser,et al. Federating object-oriented and relational databases: the IRO-DB experience , 1997, Proceedings of CoopIS 97: 2nd IFCIS Conference on Cooperative Information Systems.

[25] Jennifer Widom,et al. The TSIMMIS Project: Integration of Heterogeneous Information Sources , 1994, IPSJ.

[26] Csilla Farkas,et al. Secure XML Views , 2002, DBSec.

[27] Serge Abiteboul,et al. From structured documents to novel query facilities , 1994, SIGMOD '94.

[28] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[29] Marty Humphrey,et al. Evaluation of UDDI as a provider of resource discovery services for OGSA-based grids , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[30] Béatrice Finance,et al. IRO-DB, a Solution for Computer Integrated Manufacturing Applications , 1995, CoopIS.

[31] Béatrice Finance,et al. Managing CORBA objects with dynamic behavior in a Directory , 2001, Proceedings 3rd International Symposium on Distributed Objects and Applications.

[32] Béatrice Finance,et al. Génération de wrappers LDAP pour sources de données relationnelles , 2001, Journées Bases de Données Avancées.

[33] Weimin Du,et al. An overview of Pegasus , 1993, Proceedings RIDE-IMS `93: Third International Workshop on Research Issues in Data Engineering: Interoperability in Multidatabase Systems.

[34] Sang Hyuk Son,et al. Access control of XML documents considering update operations , 2003, XMLSEC '03.

[35] Elisa Bertino,et al. Controlled access and dissemination of XML documents , 1999, WIDM '99.

[36] Ramaswamy Chandramouli,et al. The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[37] Ioana Manolescu,et al. Answering XML Queries on Heterogeneous Data Sources , 2001, VLDB.

[38] C. Powers. Privacy Promises, Access Control, and Privacy Management , 2002 .

[39] Jennifer Widom,et al. The Lorel query language for semistructured data , 1997, International Journal on Digital Libraries.

[40] Hao He,et al. A role-based access control model for XML repositories , 2000, Proceedings of the First International Conference on Web Information Systems Engineering.

[41] Dan Suciu,et al. Cryptographically Enforced Conditional Access for XML , 2002, International Workshop on the Web and Databases.

[42] Alban Gabillon. An authorization model for XML databases , 2004, SWS '04.

[43] Paolo Manghi,et al. XPeer: A Self-Organizing XML P2P Database System , 2004, EDBT Workshops.

[44] Luc Bouganim,et al. Client-Based Access Control Management for XML documents , 2004, VLDB.

[45] Indrajit Ray,et al. A cryptographic solution to implement access control in a hierarchy and more , 2002, SACMAT '02.

[46] Zoubida Kedad,et al. Discovering view expressions from a multi-source information system , 1999, Proceedings Fourth IFCIS International Conference on Cooperative Information Systems. CoopIS 99 (Cat. No.PR00384).

[47] Guido Moerkotte,et al. Evaluating queries with generalized path expressions , 1996, SIGMOD '96.

[48] Vijay Varadharajan,et al. RBAC for XML Document Stores , 2001, ICICS.

[49] Barbara Carminati,et al. AC-XML documents: improving the performance of a web access control module , 2005, SACMAT '05.

[50] Ioana Manolescu,et al. Active XML: A Data-Centric Perspective on Web Services , 2004, Web Dynamics.

[51] Patrick Valduriez,et al. Principles of distributed database systems (2nd ed.) , 1999 .

[52] R. MacGregor,et al. Mermaid—A front-end to distributed heterogeneous databases , 1987, Proceedings of the IEEE.

[53] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[54] Béatrice Finance,et al. CMIS-L: A Query Language for Telecommunication Management Systems , 1999, Proc. 15èmes Journées Bases de Données Avancées, BDA.

[55] Georges Gardarin,et al. MediaPeer: A Safe, Scalable P2P Architecture for XML Query Processing , 2005, 16th International Workshop on Database and Expert Systems Applications (DEXA'05).

[56] Laks V. S. Lakshmanan,et al. Optimizing the Secure Evaluation of Twig Queries , 2002, VLDB.

[57] François Goasdoué,et al. SomeWhere in the Semantic Web , 2005, PPSWR.

[58] Philippe Pucheral,et al. Data Management Framework & Telecom Query Service for TINA , 1997 .

[59] Sushil Jajodia,et al. Flexible support for multiple access control policies , 2001, TODS.

[60] Ali R. Hurson,et al. Object-oriented multidatabase systems , 1995 .

[61] Christine Collet,et al. Towards a Mediation System Framework for Transparent Access to Largely Distributed Sources. The MediaGrid Project , 2004 .

[62] Ernesto Damiani,et al. Securing XML Documents , 2000, EDBT.

[63] Roshan K. Thomas,et al. Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.

[64] Elisa Bertino,et al. Secure and selective dissemination of XML documents , 2002, TSEC.

[65] Michiharu Kudo,et al. XML document security based on provisional authorization , 2000, CCS.

[66] Kian-Lee Tan,et al. A Scalable XML Access Control System , 2001, WWW Posters.

[67] Peter Fankhauser,et al. IRO-DB: Making Relational and Object-Oriented Database Systems Interoperable , 1996, EDBT.

[68] Terry A. Landers,et al. An Overview of MULTIBASE , 1986, DDB.

[69] Ramakrishnan Srikant,et al. Hippocratic Databases , 2002, VLDB.

[70] Zahir Tari,et al. A query propagation approach to improve CORBA Trading Service scalability , 2000, Proceedings 20th IEEE International Conference on Distributed Computing Systems.

[71] Béatrice Finance,et al. LDAP, Databases and Distributed Objects: Towards a Better Integration , 2001, Databases in Telecommunications.

[72] Bradford W. Wade,et al. An authorization mechanism for a relational database system , 1976, TODS.

[73] Hongchi Shi,et al. XML access control for semantically related XML documents , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[74] Wenfei Fan,et al. Secure XML querying with security views , 2004, SIGMOD '04.

[75] Divesh Srivastava,et al. The Information Manifold , 1995 .

[76] Elisa Bertino,et al. Specifying and enforcing access control policies for XML document sources , 2004, World Wide Web.

[77] Michael J. Carey,et al. XPERANTO: Publishing Object-Relational Data as XML , 2000, WebDB.

[78] Elisa Bertino,et al. Privacy Protection , 2022 .

[79] Jacques Le Maitre,et al. Extending xQuery with transformation operators , 2003, DocEng '03.

[80] Zoubida Kedad,et al. Mapping Discovery for XML Data Integration , 2005, OTM Conferences.

[81] Divesh Srivastava,et al. Flexible list management in a directory , 1998, CIKM '98.

[82] David Maier,et al. Distributed Query Processing and Catalogs for Peer-to-Peer Systems , 2003, CIDR.

[83] Alban Gabillon,et al. Regulating Access to XML documents , 2001, DBSec.

[84] David R. Kuhn,et al. Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[85] C. J. Date,et al. A Guide to the SQL Standard: A User's Guide to the Standard Relational Language SQL , 1993 .

[86] Christine Collet,et al. QBF: A Query Broker Framework for Adaptable Query Evaluation , 2004, FQAS.

[87] Sylvia L. Osborn,et al. A role-based approach to access control for XML databases , 2004, SACMAT '04.

[88] Laura M. Haas,et al. Towards heterogeneous multimedia information systems: the Garlic approach , 1995, Proceedings RIDE-DOM'95. Fifth International Workshop on Research Issues in Data Engineering-Distributed Object Management.