Authorization model for summary schemas model
Tóm tắt
Security issues in multidatabases are complicated due to autonomy and heterogeneity of local databases. Deriving global authorizations by integrating underlying local authorizations is difficult since subjects and objects at each local database may not be compatible. In addition, local authorizations may conflict and could not be combined to form common global authorizations. This paper proposes an authorization model for a multidatabase system. The summary schemas model (SSM) is used as the underlying paradigm. The SSM resolves name differences in multidatabases using word relationships defined in a standard dictionary. Hypernyms and hyponyms of access terms exported from local databases are the main components of the SSM as they form a hierarchical metadata structure. SSM global authorizations tagged to hypernyms are derived from local authorizations using global roles and a role hierarchy defined in multidatabases. The model considers roles as common global subjects onto which local subjects can be mapped. Since the mapping can be done independently and autonomously among local databases, authorization autonomy is preserved. The paper also evaluates the performance of the proposed model. The simulation results show that the proposed model offers better performance than the original SSM since user queries with insufficient authority are rejected earlier. This results in less communication and less query response time.
Từ khóa
#Authorization #Data models #Data engineering #Database languages #Computer science #Computer security #Data security #Dictionaries #Delay #Distributed databasesTài liệu tham khảo
10.1007/s007780050038
10.1145/319171.319186
10.1109/DEXA.1999.795116
osborn, 2000, Database Security Integration using Role-Based Access Control, Proc IFIP 11th Working Conf Database Security, 1
10.1109/2.485845
10.1145/96602.96604
tari, 1996, Security Enforcement in the DOK Federated Database System, Proc IFIP 11th Working Conf Database Security, 23
wang, 1987, Access control in a heterogeneous distributed database management system, Proc Symp Reliability Distributed Software Database Syst
bukhres, 1996, Object-Oriented Multidatabase Systems
10.1145/176567.176569
dash, 1994, Summary Schemas Model: A Scheme for Handling Global Information Sharing, Proceedings of the International Conference on Intelligent Information Management Systems, 47
castano, 1996, An Approach to Deriving Global Authorizations in Federated Database Systems, Proc IFIP 11th Working Conf Database Security, 58
jonscher, 1994, An Approach for Building Secure Database Federations, Proceedings of the 20th VLDB Conference
10.1007/3-540-61770-1_30
bright, 1999, The Summary Schemas Model-An Approach for Handling Multidatabases: Concept and Performance Analysis, Multidatabase Systems An Advanced Solution for Global Information Sharing, 199
10.1145/50202.50217
10.1023/A:1011646626868