Security Enforcement in the DOK Federated Database System
نویسندگان
چکیده
The Distributed Object Kernel (DOK) is a federated database system currently under development at the Royal Melbourne Institute of Technology. One of the issues currently under study is the development of a federated access control, as well a secure logical architecture allowing the DOK system to enforce federated security policies in the context of autonomous, distributed and heterogeneous databases. In this paper, we propose a Uni ed Security Model aiming for the integration of existing access control models, such as Mandatory Access Control and Discretionary Access Control, which could have been imposed on local components of a DOK application. Also, we extend the initial DOK multi-layered architecture proposed in (Tari et al. 1996) to include di erent types of security agents allowing the enforcement of di erent security functions within a federated environment. Coordination agents are responsible for maintaining a federation in a secure state by delegating the di erent functions to speci c agents, called Task agents. By delegating the access of information within local databases to Database agents, the Task agents enforce the federated security policies using speci c security procedures.
منابع مشابه
Designing Security Agents for the DOK Federated System
This paper addresses two main issues of the DOK system [15], that is the design of a framework for enforcing security policies and a secure architecture which implements such a framework. Federated security policies are expressed as logic-based expressions (called \aggregation constraints") specifying the di erent combinations of transactions that a user is not allowed to issue, either in singl...
متن کاملUsing Agents for Secure Access to Data in the Internet
Relatively few databases are accessible over the Internet. With today's technology one would like to encapsulate a database and make it available over the Internet. A client using such databases would browse an old census database, look-up for references in an object-oriented database system, access descriptions and pictures over the Internet, or combine di erent information using NCSA Mosaic, ...
متن کاملAggregation in Federated Databases: The DOK Approach
This paper addresses the design of the DOK security service allowing the enforcement of both local and federated policies. The former are those policies which relate to local databases, whereas the latter speci es the aggregation rules that govern the access to data aggregates which reside in di erent databases. In this paper we describe the component of the DOK security service which enforces ...
متن کاملSecurity issues for federated database systems
This paper describes security issues for federated database management systems set up for managing distributed, heterogeneous and autonomous multilevel databases. It builds on our previous work in multilevel secure distributed database management systems and on the results of others’ work in federated database systems. In particular, we define a multilevel secure federated database system and d...
متن کاملAn Adaptable Approach for Integrity Control in Federated Database Systems
In database federations the integrity problem arises from the degree of heterogeneity and autonomy of participating component database systems. This causes integrity control more complicate than that in traditional centralized database systems. Semantic integrity should be considered in two phases: constraint federation and constraint enforcement. Otherwise, the administrators of component data...
متن کامل