A Comparison of Two Architectures for Implementing Security and Privacy in Cyberspace

  • Reind van de Riet
  • Wouter Janssen
  • Martin Olivier
  • Radu Serban
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1873)

Abstract

In this paper we compare two approaches for implementing Security and Privacy systems in Cyberspace: a structured approach, such as done in Mokum, where access is governed by structure (of the classes), and two principles: the epistemic and the ontologic principle. The second approach is based on the use of capabilities, such as provided by ERP systems.

Keywords

security and privacy cyberspace architecture object-orientation capability 

References

  1. [DR94]
    Dehne, F., R.P. van de Riet: A Guided Tour through Mokum 2.0, IR-368, Faculteit Wiskunde en Informatica, VU, October 1994.Google Scholar
  2. [GG97]
    Gendler-Fishman, Masha, Ehud Gudes: Compile-time Flow analysis of Transactions and Methods in Object-Oriented Databases, in: T.Y. Lin, Sh. Qian (Eds)., Proceedings of Eleventh IFIP WG11.3 Working Conference on Database Security, Lake Tahoe, 1997, pp. 88–10Google Scholar
  3. [GRBO97]
    Gudes, Ehud, Reind van de Riet, Hans Burg, Martin Olivier: Alter-egos and Roles Supporting WorkFlow Security in Cyberspace, in:T.Y. Lin, Sh. Qian (Eds)., Proceedings of Eleventh IFIP WG11.3 Working Conference on Database Security, Lake Tahoe, 1997, pp. 152–166.Google Scholar
  4. [HTS97]
    Hale, John, Jody Threet, Sujeet Shenoi: Capability-Based Primitives for Access Control in Object-Oriented Systems, in: T.Y. Lin, Sh. Qian (Eds)., Proceedings of Eleventh IFIP WG11.3 Working Conference on Database Security, Lake Tahoe, 1997, pp. 88–103.Google Scholar
  5. [OGR98]
    Olivier, M.S. E. Gudes, R.P. van de Riet, J.F.M. Burg: Specifying Application-lev el Security in Workflow Systems in: R. Wagner (Ed). Database and Expert Systems Applications, IEEE Computer Society, 1998, pp. 346–354.Google Scholar
  6. [RB94]
    Riet, R.P. van de, Beukering, J.: The Integration of Security and Integrity Constraints in MOKUM in: J. Biskup, M. Morgenstern, C. Landwehr (Eds), Proceedings of IFIP WG11.3 Working Conference on Database Security, IFIP/ North Holland, 1994,pp. 223–246.Google Scholar
  7. [RB96]
    Riet, R.P. van de, J.F.M. Burg, Modelling Alter Egos in Cyberspace: Who is Responsible? in: Proceedings WebNet96, San Francisco, AACE (Association for the Advancement of Computing in Education), Charlottesville, USA pp. 462–467, 1996.Google Scholar
  8. [RB97]
    Riet, R.P. van de, J.F.M. Burg, Modelling Alter Egos in Cyberspace: using a Work Flow management tool: who takes care of the Security and Privacy in: S. Lobodzinsky, I. Tomek (Eds)., Proceedings of WebNet97, Toronto, Association for the Advancement of Computing.Google Scholar
  9. [RBK91]
    Rabitti, F., E. Bertino, W. Kim, D. Woelk: A Model of Authorization for nextgeneration database systems, ACM Transactions on Database Systems, Vol. 16, No. 1, pp. 88–131, 1991.CrossRefGoogle Scholar
  10. [RDR97]
    Radu, S., F. Dehne and R.P. van de Riet, A first step towards distributed Mokum, Technical Report 428, Computer Science Department, Vrije Universiteit, 1997.Google Scholar
  11. [RG96]
    Riet, R.P. van de, E. Gudes: An Object-Oriented Database Architecture for Providing High-Level Security in Cyberspace in: P. Samarati, R. Sandhu (Eds)., Proceedings of Tenth IFIP WG11.3 Working Conference on Database Security, Como 1996, pp. 92–115.Google Scholar
  12. [RJ97]
    Riet, R.P. van de, Andrea Junk & E. Gudes: Security in Cyberspace: a Knowledge-base Approach, Data and Knowledge Engineering, Vol 24, Nr. 1, North Holland, 1997, pp. 69–98.CrossRefGoogle Scholar
  13. [RJG98]
    Riet, R.P. van de, W. Janssen, P. de Gruijter: Security moving from Database Systems to ERP Systems in: R. Wagner (Ed). Database and Expert Systems Applications, IEEE Computer Society, 1998, pp. 273–280.Google Scholar
  14. [St76]
    Stonebraker, M., E. Wong, P. Kreps, G. Held: The Design and Implementation of INGRES, Transactions on Database Systems, ACM, Vol 1, Nr. 3. pp. 189–222., 1976.CrossRefGoogle Scholar
  15. [TR2000]
    Wouter Teepe, Reind van de Riet, Martin Olivier: WorkFlow Analyzed for Security and Privacy in using Databases; submitted for publication. 2000.Google Scholar
  16. [Va95]
    Varadharajan, V. Distributed Object System Security, Information Security-the next Decade, Edited by H.P Eloff and S. H. von Solms, Chapman & Hall, 1995, pp. 305–321.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Reind van de Riet
    • 1
  • Wouter Janssen
    • 2
  • Martin Olivier
    • 3
  • Radu Serban
    • 1
  1. 1.Department of Mathematics and Computer ScienceVrije UniversiteitAmsterdam
  2. 2.ERS-Deloitte&ToucheAmsterdam
  3. 3.Department of Computer ScienceRand Afrikaans UniversityJohannesburgSouth Africa

Personalised recommendations