Abstract
Authentication in federated database systems present difficulties because the autonomously operated components may not know the identity of federation users. One proposed solution is subject switching, where the federation translates the federated users identity to that of an agreed upon component subject. This translation may be problematic, due to not having component subjects with the same accesses requested by federation users. Therefore, we propose using proximity measures between requested and provided accesses and present two policy neutral algorithms to find proximity minimizing matches between a federation subject and a collection of component subjects.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35587-0_24
Chapter PDF
Similar content being viewed by others
References
De Capitani di Vimercati, S. and Samarati, P., Authorization Specification and Enforcement in Federated Database System, Journal of Computer Security, Vol.5, No.2, Pages. 155–188, 1997.
Heimbigner, D., McLeod, D., A Federated Architecture for Information Management, ACM Trans. Off. Inf. Syst. 3, 3, July 1985.
Jajodia, S., Samarati, P., Sapino, M. L. and Subrahmanian, V. S. Flexible Support for Multiple Access Control Policies in Transactions of Database Systems, June 2001, To appear.
Jonscher, D., Dittrich, K.R., An Approach For Building Secure Database Federations, Proceedings of the 201“ VLDB Conference, Santiago, Chile, 1994.
Sheth, A.P., Larson, J.A., Federated Database Systems for Mansaging Distributed, Heterogeneous, and Autonomous Database, ACM Computing Surveys, Vol. 22, No. 3, September 1990.
Veijalainen, J., and Popescu-Zeletin, R., Multi-database Systems in ISO/OSI in Standards in Information Technology and Industrial Control, Malagardis, N., and Williams, T., Eds North-Holland Pages 83–97, 1988.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Yang, J., Wijesekera, D., Jajodia, S. (2002). Subject Switching Algorithms for Access Control in Federated Databases. In: Olivier, M.S., Spooner, D.L. (eds) Database and Application Security XV. IFIP — The International Federation for Information Processing, vol 87. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35587-0_5
Download citation
DOI: https://doi.org/10.1007/978-0-387-35587-0_5
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1028-1
Online ISBN: 978-0-387-35587-0
eBook Packages: Springer Book Archive