Title :
A role-based access control model for information mediation
Author :
Yang, Li ; Ege, Raimund K. ; Ezenwoye, Onyeka ; Kharma, Qasem
Author_Institution :
Sch. of Comput. Sci., Florida Int. Univ., Miami, FL, USA
Abstract :
With the increasing demands for data integration and exchange among distributed heterogeneous sources, many applications require secure interoperation and the information sharing. Mediation techniques provide an extended amalgamation of searching and querying in heterogeneous systems, but enlarge the space of possible threats to local data sources. How to encourage data sharing while enforce required protection to resources is a challenging problem. Traditional access control mechanisms and methods are inadequate to reflect the heterogeneous environment and the flexible access control requirements. This paper presents a mediation security architecture for information integration based on role-based access control (RBAC). An adorned XML model (AXM) is used to homogenize security data modeling. Security requirements of mediation systems are specified by constraints over various RBAC dimensions. An incremental security enforcement method is proposed to integrate RBAC modules into the mediation architecture. The method supports adaptive and scalable design of secure mediation systems.
Keywords :
XML; authorisation; formal specification; open systems; software architecture; adorned XML model; distributed heterogeneous sources; formal specification; information integration; information sharing; mediation security architecture; role-based access control; secure interoperation; Access control; Application software; Computer science; Data security; Hospitals; Information security; Information systems; Mediation; Protection; XML;
Conference_Titel :
Information Reuse and Integration, 2004. IRI 2004. Proceedings of the 2004 IEEE International Conference on
Print_ISBN :
0-7803-8819-4
DOI :
10.1109/IRI.2004.1431474
