Orchestrating Access Control in Peer Data Management Systems

  • Christoph Sturm
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4254)


This paper describes an approach to establish access control mechanisms in a peer data management system (PDMS). Based on the research on security in Peer-to-Peer networks, we develop a decentralized access control component for PDMS. For this purpose, information resident in local access control components in the peers is used, and mappings between the peer access control policies are established. A client-side access control mechanism enforces access rights in the whole PDMS.


Keywords: Access Control; Access Control Mechanism; Secure Authentication; Malicious Peer; Trust Management System





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Christoph Sturm (1)
  1. Department of Informatics, University of Zurich
