ACCESS MODEL IN COOPERATIVE INFORMATION SYSTEMS - Preserving local autonomy with a global integration process

Eric Disson, Danielle Boulanger

Abstract

This research focuses on access security in cooperating information systems. The offered modeling has to treat the interoperation of open and evolutive information systems and, moreover, has to guarantee the respect of various local security policies. The coexistence of heterogeneous information sources within an information systems framework involves homogenization problems between local security policies. We distinguish two types of heterogeneity: heterogeneity of the local access policies and semantic heterogeneity between object or subject instances of the local access schemas. To solve this twofold difficulty, we propose an original role model allowing a unified representation of local access schemas. This model preserves the flow control properties in the three main access policies (discretionary, role-based model and multilevel models). The described access schemas are enriched to establish intra-system access authorizations.

References

  1. Bell D.E., LaPadula L.J., Secure Computer System: Unified Exposition and Multics Interpretation, Technical Report MTR-2997, MITRE Corp., Bedford, Mass, 1976.
  2. Boulanger D., Disson E., Dubois G., Object-Oriented Metadata for Secured Cooperation of Legacy Information Systems, International Workshop on Model engineering IWME'00, Sophia-Antipolis and Cannes, France, 12-16th June 2000.
  3. Boulanger D., Dubois G., An Object Approach for Information System Cooperation, Information Systems vol. 23, n°6, 1998.
  4. Castano S., Martella G. and Samarati P., Analysis, comparison and design of role-based security specifications, Data & Knowledge Engineering 21, 1997.
  5. Denning D.E., Secure Distributed Data Views: the Sea View formal security model, Technical Report A003 SRI International, 1987.
  6. Disson E, Boulanger D., Dubois G., A Role-Based Model for Access Control in Database Federations, 3rd International Conference on Information and Communications Security, ICICS'01, Xian, China, 13- 16 November 2001, LNCS 2229 Springer Verlag.
  7. Goyal M.L., Singh G.V., Access Control In Heterogeneous Database Management Systems, Computers and Security, 10(7), North-Holland, 1991.
  8. Jajodia S., Kogan B., Integrating an object-oriented data model with multi-level security, IEE Symposium on Security and Privacy, 1990.
  9. Jonscher D., Dittrich K.R., An Approach for Building Secure Database Federations, Int.'l Conf. On Very Large Databases, Santiago, 1994.
  10. Keefe T., Tsai W., Prototyping the SODA Security Model, Database Security III: Status and Prospects, NorthHolland, 1990.
  11. Lampson B.W., Protection, Princeton Symposium of Information Science and Systems. 1971.
  12. Lunt T.F., Multilevel Security for Object-Oriented Database Systems, Database Security III: Status and Prospects, North-Holland, 1990.
  13. Millen J.K., Lunt T.F., Security for Object-Oriented Database Systems, IEEE Symposium on Research in Security and Privacy, 1992.
  14. Nyanchama M., Osborn S., Modelling mandatory access control in role-based security systems, Database Security VIII: Status and Prospects. Chapman-Hall, 1996.
  15. Olivia M., Saltor F., Maintaining the Confidentiality of Interoperable Databases with a Multilevel Federated Security System in M. S. Olivier and D. L. Spooner (Eds). Database abd Application Security XV. Kluwer Academic Publishers, 2002.
  16. Olivier M.S., A Multilevel Secure Federated Database, Database Security VII, North-Holland, 1994.
  17. Pernul G., Canonical Security Modelling for Federated Databases, Interoperable Database Systems, NorthHolland, 1993.
  18. Sandhu R. S., Munawer Q., How to do Discretionary Access Control Using Roles, ACM Role-Based Access Control Workshop, 1998.
  19. Sandhu R. S., Role Hierarchies and Constraints for Lattice-based Access Controls, Fourth European Symposium on Research in Computer Security, Rome, Italy, 1996.
  20. Sandhu R.S., Coyne E.J., Feinstein H.L., Youman C.E., Role-Based Access Control Model, IEEE Computer, Vol 29, n°2, 1996.
  21. Shet A.P., Larson J.A., Federated Database Systems for Managing Distributed Heterogeneous and Autonomous Databases, ACM Computing Surveys vol.22 n°3, 1990.
  22. Tari Z., Fernandez G., Security Enforcement in the DOK Federated Database System, Database Security X, 1997.
Download


Paper Citation


in Harvard Style

Disson E. and Boulanger D. (2004). ACCESS MODEL IN COOPERATIVE INFORMATION SYSTEMS - Preserving local autonomy with a global integration process . In Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 972-8865-00-7, pages 259-266. DOI: 10.5220/0002610702590266


in Bibtex Style

@conference{iceis04,
author={Eric Disson and Danielle Boulanger},
title={ACCESS MODEL IN COOPERATIVE INFORMATION SYSTEMS - Preserving local autonomy with a global integration process},
booktitle={Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2004},
pages={259-266},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002610702590266},
isbn={972-8865-00-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - ACCESS MODEL IN COOPERATIVE INFORMATION SYSTEMS - Preserving local autonomy with a global integration process
SN - 972-8865-00-7
AU - Disson E.
AU - Boulanger D.
PY - 2004
SP - 259
EP - 266
DO - 10.5220/0002610702590266