Secure Interoperation of Heterogeneous Systems: A Mediator-Based Approach

This paper addresses the problem of ensuring protection in the interoperation of heterogeneous data sources. We present a system that allows data sources enforcing mandatory multilevel policies to interoperate and make their data available to external applications while still maintaining autonomy and security. Sources can be heterogeneous with respect to both the data model and the security lattices governing access control. Our approach is based on the use of wrappers and a mediator. A wrapper associated with each source provides a uniform data interface and a mapping between the source's lattice and other lattices. The mediator processes global access requests by interfacing applications and data sources. We show how the relationships between the security lattices are stated and checked for inconsistencies, and how global queries are processed by the mediator and by the local wrappers for both data retrieval and enforcement of security constraints. We also describe the architecture and operation of the system and the tasks of its different components.