论文信息 - A data confidentiality architecture for developing management mashups

A data confidentiality architecture for developing management mashups

Mashups are powerful applications created from accessing and composing multiple and distributed information sources. Their ease-of-use and modularity allow users at any skill level to construct, share and integrate their own applications. However, data security concerns remain a hindering factor in its widespread adoption, in particular, for network management. In this paper, we propose a novel development methodology and system architecture called Maestro that allows developers to express their data privacy concerns and enforce policies during mashup executions. We evaluated Maestro by building two mashup applications for managing live networks and by running performance tests that show that our runtime has negligible overhead.

[1] Wen-Syan Li,et al. Enabling policy-based access control in BI applications , 2008, Data Knowl. Eng..

[2] Andreas Thor,et al. Data Integration Support for Mashups , 2007 .

[3] Tim O'Reilly,et al. What is Web 2.0: Design Patterns and Business Models for the Next Generation of Software , 2007 .

[4] Vijayalakshmi Atluri,et al. Role-based Access Control , 1992 .

[5] David Hutchison,et al. A survey of key management for secure group communication , 2003, CSUR.

[6] Anant Jhingran. Enterprise information mashups: integrating information, simply , 2006, VLDB.

[7] Andrew C. Myers,et al. JFlow: practical mostly-static information flow control , 1999, POPL '99.

[8] Lisandro Zambenedetti Granville,et al. On the feasibility of Web 2.0 technologies for network management: A mashup-based approach , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[9] Sougata Mukherjea,et al. Providing middleware support for the control and co-ordination of telecom mashups , 2007, MNCNA '07.

[10] K. J. Bma. Integrity considerations for secure computer systems , 1977 .

[11] Winnie Wing-Yee Cheng. Information flow for secure distributed applications , 2009 .

[12] D. E. Bell,et al. Secure Computer Systems : Mathematical Foundations , 2022 .

[13] D. Richard Kuhn,et al. Role-Based Access Controls , 2009, ArXiv.