Providing Dynamic Security Control in a Federated Database.

Norbik Bashah Idris, W. A. Gray, R. F. Churchhouse: Providing Dynamic Security Control in a Federated Database. VLDB 1994: 13-23

@inproceedings{DBLP:conf/vldb/IdrisGC94,
  author    = {Norbik Bashah Idris and
               W. A. Gray and
               R. F. Churchhouse},
  editor    = {Jorge B. Bocca and
               Matthias Jarke and
               Carlo Zaniolo},
  title     = {Providing Dynamic Security Control in a Federated Database},
  booktitle = {VLDB'94, Proceedings of 20th International Conference on Very
               Large Data Bases, September 12-15, 1994, Santiago de Chile, Chile},
  publisher = {Morgan Kaufmann},
  year      = {1994},
  isbn      = {1-55860-153-8},
  pages     = {13-23},
  ee        = {db/conf/vldb/vldb94-13.html},
  crossref  = {DBLP:conf/vldb/94},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}

Abstract

When data is being used in a federated database, the aim is to give a loose coupling of the data in the component databases so that a very dynamic and therefore flexible pattern of data sharing can be established. When security integration is performed this flexibility is curtailed by the resultant security level established at integration time which by default is the least upper bound between candidate security levels. Such overclassification of data implies that there will be authorised users who are debarred at the federation level to access the data. To circumvent this problem there is a need for a dynamic mandate type control for definite periods of the federated system's existence. An approach to establishing such temporary dynamic security control is described in this paper. It is an adaptation of Shamir's method [Shamir79] for sharing a secret, and it aims to let users who are debarred at the default security level from access to particular data, gain access to this data under local control if an appropriate combination of current database administrator of the system are prepared to grant the access dynamically.

Copyright © 1994 by the VLDB Endowment. Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the VLDB copyright notice and the title of the publication and its date appear, and notice is given that copying is by the permission of the Very Large Data Base Endowment. To copy otherwise, or to republish, requires a fee and/or special permission from the Endowment.

Online Paper

Download PDF file (www.vldb.org, Darmstadt, Germany)
Download PDF file (www.acm.org, New York, USA)

ACM SIGMOD Anthology

CDROM Version: Load the CDROM "Volume 1 Issue 5, VLDB '89-'97" and ...

Windows: Click the letter of your CD drive
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Mac: Click here
UNIX/LINUX: mount the CD and click on the path of your mount point:
/Anthology/vldb8997 or /cdrom

DVD Version: Load ACM SIGMOD Anthology DVD 1" and ...

Windows: Click the letter of your CD drive
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Mac: Click here
UNIX/LINUX: mount the DVD and click on the path of your mount point:
/Anthology/aDVD1 or /dvd

Printed Edition

Jorge B. Bocca, Matthias Jarke, Carlo Zaniolo (Eds.): VLDB'94, Proceedings of 20th International Conference on Very Large Data Bases, September 12-15, 1994, Santiago de Chile, Chile. Morgan Kaufmann 1994, ISBN 1-55860-153-8
Contents

References

[B+89]: Elisa Bertino, Mauro Negri, Giuseppe Pelagatti, Licia Sbattella: Integration of heterogeneous database applications through an object-oriented interface. Inf. Syst. 14(5): 407-420(1989)
[BG92]: ...
[BLN86]: Carlo Batini, Maurizio Lenzerini, Shamkant B. Navathe: A Comparative Analysis of Methodologies for Database Schema Integration. ACM Comput. Surv. 18(4): 323-364(1986)
[Dat86]: C. J. Date: An Introduction to Database Systems, Volume I, 4th Edition. Addison-Wesley 1986
[DD93]: ...
[Den82]: ...
[FGRC92]: ...
[HFG87]: D. I. Howells, N. J. Fiddian, W. A. Gray: A Source-to-Source Meta-Translation System for Relational Query Languages. VLDB 1987: 227-234
[Hsi91]: ...
[IQG93]: Norbik Bashah Idris, W. A. Gray, M. A. Qutaishat: Integration of Secrecy Features in a Federated Database Environment. DBSec 1993: 89-108
[IT94]: ...
[KC90]: Setrag Khoshafian, George P. Copeland: Object Identity. OOPSLA 1986: 406-416
[Lan81]: Carl E. Landwehr: Formal Models for Computer Security. ACM Comput. Surv. 13(3): 247-278(1981)
[LOP91]: Hongjun Lu, Beng Chin Ooi, HweeHwa Pang: Multilevel Security Control in Multidatabase Management Systems. RIDE-IMS 1991: 359-363
[OV91]: M. Tamer Özsu, Patrick Valduriez: Principles of Distributed Database Systems. Prentice-Hall 1991, ISBN 0-13-715681-2
[PG88]: Norman W. Paton, Peter M. D. Gray: Identification of Database Objects by Key. OODBS 1988: 280-285
[QFG92a]: M. A. Qutaishat, N. J. Fiddian, W. A. Gray: Association Merging in a Schema Meta-Integration System for a Heterogeneous Object-Oriented Database Environment. BNCOD 1992: 209-226
[QFG92b]: ...
[QFG92c]: ...
[R+91]: ...
[RFG91]: A. Ramfos, N. J. Fiddian, W. A. Gray: A Meta-Translation System for Object-Oriented to Relational Schema Translations. BNCOD 1991: 245-268
[RGF89]: ...
[Sha79]: Adi Shamir: How to Share a Secret. Commun. ACM 22(11): 612-613(1979)
[Sim92]: ...
[SLCN88]: Amit P. Sheth, James A. Larson, Aloysius Cornelio, Shamkant B. Navathe: A Tool for Integrating Conceptual Schemas and User Views. ICDE 1988: 176-183
[Ste89]: Jacob Stein, T. Lougenia Anderson, David Maier: Mistaking Identity. DBPL 1989: 161-168
[Thu90]: ...
[Thu92]: ...
[TR92]: ...
[WS87]: ...