ACCESS MODEL IN COOPERATIVE INFORMATION SYSTEMS - Preserving local autonomy with a global integration process

This research focuses on access security in cooperating information systems. The proposed model must handle the interoperation of open and evolving information systems and must also guarantee that the various local security policies are respected. The coexistence of heterogeneous information sources within an information systems framework raises homogenization problems between local security policies. We distinguish two types of heterogeneity: heterogeneity of the local access policies, and semantic heterogeneity between object or subject instances of the local access schemas. To solve this twofold difficulty, we propose an original role model that allows a unified representation of local access schemas. This model preserves the flow control properties of the three main access policies (discretionary, role-based and multilevel models). The described access schemas are enriched to establish intra-system access authorizations.
