Aggregation in Federated Databases: The DOK Approach
نویسنده
چکیده
This paper addresses the design of the DOK security service allowing the enforcement of both local and federated policies. The former are those policies which relate to local databases, whereas the latter speci es the aggregation rules that govern the access to data aggregates which reside in di erent databases. In this paper we describe the component of the DOK security service which enforces the federated security policies. These security policies are de ned as aggregation constraints and are expressed as static or dynamic expressions of the FELL logic language. Static and dynamic constraints describe the combinations of transactions that must be checked against single and multiple states of a federation respectively. To enforce such constraints, transitional graphs are built to model all their sub-computations. To monitor aggregation constraints, a marking technique (called Linear Marking Technique) is designed to check the nodes and transitions of transitional graphs.
منابع مشابه
Security Enforcement in the DOK Federated Database System
The Distributed Object Kernel (DOK) is a federated database system currently under development at the Royal Melbourne Institute of Technology. One of the issues currently under study is the development of a federated access control, as well a secure logical architecture allowing the DOK system to enforce federated security policies in the context of autonomous, distributed and heterogeneous dat...
متن کاملDesigning Security Agents for the DOK Federated System
This paper addresses two main issues of the DOK system [15], that is the design of a framework for enforcing security policies and a secure architecture which implements such a framework. Federated security policies are expressed as logic-based expressions (called \aggregation constraints") specifying the di erent combinations of transactions that a user is not allowed to issue, either in singl...
متن کاملUsing Agents for Secure Access to Data in the Internet
Relatively few databases are accessible over the Internet. With today's technology one would like to encapsulate a database and make it available over the Internet. A client using such databases would browse an old census database, look-up for references in an object-oriented database system, access descriptions and pictures over the Internet, or combine di erent information using NCSA Mosaic, ...
متن کاملDesigning the Reengineering Services for the DOK Federated Database System
This paper addresses the design of the reengineering service for federated databases. This service allows the hiding of the heterogeneity of databases involved in a federation by generating object-oriented representations from their corresponding schemata. We propose a complete methodology that supports the identi cation and the translation of both the explicit and implicit information. The ide...
متن کاملTowards Cooperative Databases: The Distributed Object Kernel (DOK) Approach
This paper addresses the development of a cooperative database system, called Distributed Object Kernel (DOK), which provides computation over heterogeneous databases. The DOK logical architecture has a clear separation of concerns, and involves a coordination layer, a task layer and a database layer. Each of these layers contains a set of agents which are specialised in performing speci c func...
متن کامل