Secure Mediation: Requirements, Design, and Architecture

In mediated information systems, clients and various autonomous sources are brought together by mediators. The mediation paradigm needs powerful and expressive security mechanisms that take into account the dynamics and the conflicting interests of the mediation participants. Firstly, we discuss the security requirements for mediation with an emphasis on confidentiality and authenticity. We argue for basing the enforcement of these properties on certified personal authorization attributes rather than on identification. Using a public key infrastructure, such personal authorization attributes can be bound to asymmetric encryption keys by credentials. Secondly, we propose a general design of secure mediation in which credentials are used roughly as follows: clients show their eligibility for receiving the requested information by the personal authorization attributes contained in their credentials, and sources and the mediator guarantee confidentiality by encrypting under the encryption keys contained in those credentials. Thirdly, we refine the general design for a specific approach to mediation, given by our prototype of a Multimedia Mediator, MMM. Among other contributions, we define the authorization model and the specification of query access authorizations within the framework of ODL, as well as the authorization and encryption policies for mediation, and we outline the resulting security architecture of the MMM. We also analyze the achievable security properties, including support for anonymity, and we discuss the inevitable tradeoffs between security and mediation functionality.
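The credential flow sketched in the abstract, as an added example in Go (this is not code from the paper or from the MMM prototype): a credential authority signs personal authorization attributes together with the client's public encryption key; the mediator decides eligibility on the certified attributes alone, never on an identity, and hands back the key the credential vouches for; the source or mediator encrypts the result under that key, so only the credential holder can read it. The credential layout, the policy form mapping queries to required attributes, the query names, the role values and the sample result are this example's assumptions; the ODL-based specification of query access authorizations in the MMM is not modelled here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Credential binds personal authorization attributes to the holder's public encryption
// key; the issuer's signature makes that binding checkable (layout is this example's).
type Credential struct {
	Attributes map[string]string `json:"attributes"`
	EncKey     rsa.PublicKey     `json:"enc_key"`
	NotAfter   int64             `json:"not_after"`
	Signature  []byte            `json:"sig,omitempty"`
}

// tbs is the to-be-signed encoding; json.Marshal sorts map keys, so it is canonical.
func (c Credential) tbs() []byte {
	c.Signature = nil
	b, _ := json.Marshal(c)
	return b
}

// Issue is the credential authority's step: attributes and key are signed together.
func Issue(issuer ed25519.PrivateKey, attrs map[string]string, encKey rsa.PublicKey, ttl time.Duration) Credential {
	c := Credential{Attributes: attrs, EncKey: encKey, NotAfter: time.Now().Add(ttl).Unix()}
	c.Signature = ed25519.Sign(issuer, c.tbs())
	return c
}

type Policy map[string]map[string]string // query -> attributes a credential must carry (assumed form)

// Authorize is the mediator's eligibility check: no identity is consulted, only certified
// attributes, and the returned key is the one the credential vouches for.
func Authorize(issuerPub ed25519.PublicKey, pol Policy, c Credential, query string, now time.Time) (*rsa.PublicKey, error) {
	if !ed25519.Verify(issuerPub, c.tbs(), c.Signature) {
		return nil, errors.New("credential signature invalid")
	}
	if now.Unix() > c.NotAfter {
		return nil, errors.New("credential expired")
	}
	required, ok := pol[query]
	if !ok {
		return nil, fmt.Errorf("no access authorization for query %q", query)
	}
	for k, v := range required {
		if c.Attributes[k] != v {
			return nil, fmt.Errorf("query %q requires attribute %s=%s", query, k, v)
		}
	}
	return &c.EncKey, nil
}

// Seal encrypts a result under the credential's key with the query as OAEP label, so the
// ciphertext cannot be passed off as the answer to another query (190-byte limit; see note).
func Seal(pub *rsa.PublicKey, query string, result []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, result, []byte(query))
}

// Open is the client's step; only the private key behind the credential's key succeeds.
func Open(priv *rsa.PrivateKey, query string, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, ct, []byte(query))
}

// Outcome: decrypted authorized result, plus the mediator's refusal reasons (nil prints <nil>).
type Outcome struct{ Result, Denied, Tampered string }

// Scenario runs issuer, client and mediator end to end on constructed sample data.
func Scenario() (Outcome, error) {
	issuerPub, issuerPriv, _ := ed25519.GenerateKey(rand.Reader)
	clientKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	policy := Policy{"patientRecord": {"role": "physician"}, "billingReport": {"role": "accountant"}}
	cred := Issue(issuerPriv, map[string]string{"role": "physician"}, clientKey.PublicKey, time.Hour)
	pub, err := Authorize(issuerPub, policy, cred, "patientRecord", time.Now())
	if err != nil {
		return Outcome{}, err
	}
	ct, err := Seal(pub, "patientRecord", []byte("MRI series 4711: no findings")) // constructed result
	if err != nil {
		return Outcome{}, err
	}
	pt, err := Open(clientKey, "patientRecord", ct)
	if err != nil {
		return Outcome{}, err
	}
	_, denied := Authorize(issuerPub, policy, cred, "billingReport", time.Now())
	forged := cred // same signature, altered attributes: the certified binding is broken
	forged.Attributes = map[string]string{"role": "accountant"}
	_, tampered := Authorize(issuerPub, policy, forged, "billingReport", time.Now())
	return Outcome{string(pt), fmt.Sprint(denied), fmt.Sprint(tampered)}, nil
}

func main() { fmt.Println(Scenario()) }
```

Two design points worth noting. The signature is checked before the attributes are compared with the policy, so a credential whose attributes were edited after issuance is refused even when the edited attributes would satisfy the query. RSA-OAEP with SHA-256 and a 2048-bit key carries at most 190 bytes, which suits a short record but not the multimedia results a mediator typically returns; for those the mediator would wrap a fresh symmetric data key with exactly this call and encrypt the media under that key, keeping the query bound to the ciphertext as associated data.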
