Abstract
The interoperability among different data formats over the Internet has drawn increasing interest recently due to more and more heterogeneous data models are used in different Web services. In order to ease the manipulation of data models for heterogeneous data, generic model management has been intensively researched and also implemented in a prototype since its first introduction. Access control specifications attached to each individual data model require significant amount of efforts to manually specify. Based on a general security model for access control specifications on heterogeneous data models and its visual representation, we present secure model management operators for managing access control specifications.The secure model management operators disccussed in the paper include a secure match operator and a secure merge operator. We introduce a novel graphical schema matching algorithm and extend the algorithm to make a secure match operator. The paper also discusses secure merge principles for the integration of data models.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Atluri, V., Chun, S.: An Authiruization, Model for Geospatial Data. IEEE Transactions on Depoendable and Secure Computing 1, #4 (2005)
Bernstein, P.A., Halevy, A., Pottinger, R.A.: A Vision for Management of Complex Models. SIGMOD Record 29(4), 55–63 (2000)
Bertino, E., Ferrari, E.: Secure and Selective Dissemination of XML Documents. IEEE Trans. Information and System Security (TISSEC) 5(3), 290–331 (2002)
Bray, T., Paoli, J., Sperberg-Mcqueen, C., Maler, E.: Extensible Markup Language (XML) 1.0, 2nd edn. World Wide Web Consortium, W3C (2000), http://www.w3.org/TR/REC-xml
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Securing XML Documents. In: Zaniolo, C., Grust, T., Scholl, M.H., Lockemann, P.C. (eds.) EDBT 2000. LNCS, vol. 1777, pp. 121–135. Springer, Heidelberg (2000)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Fine Grained Access Control for SOAP E-Services. In: Proc. 10th Int. World Wide Web Conference, Hong Kong, China (May 2001)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A Fine-Grained Access Control System for XML Documents. ACM Trans. Information and System Security (TISSEC) 5(2), 169–202 (2002)
Farkas, C., Stoica, A., Talekar, P.: APTA: an Automated Policy Translation Architecture. In: Int. Conf. Computer, Communication and Control Technologies (2003)
Griffiths, P.P., Wade, B.W.: An Authorization Mechanism for a Relational Database System. ACM Trans. Database System (TODS) 1(3), 242–255 (1976)
Jajodia, S., Sanhu, R.: Toward a Multilevel Secure Relational Data Model. In: ACM SIGMOD (May 1990)
Jajodia, S., Samarati, P., Subrahmanian, V.S., Bertino, E.: A Unified Framework for Enforcing Multiple Access Control Policies. In: ACM SIGMOD, May 1997, pp. 474–485 (1997)
Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible Support for Multiple Access Control Policies. ACM Trans. Database Systems (TODS) 26(2), 214–260 (2001)
Luo, B., Lee, D., Lee, W., Liu, P.: A Flexible Framework for Architecting XML Access Control Enforcement Mechanisms. In: Jonker, W., Petković, M. (eds.) SDM 2004. LNCS, vol. 3178, pp. 133–147. Springer, Heidelberg (2004)
Madhavan, J., Bernstein, P.A., Rahm, E.: Generic Schema Matching Using Cupid. In: Proc. 27th VLDB Conf., Roma, Italy, September 2001, pp. 49–58 (2001)
Madhavan, J., Halevy, A.Y.: Composing Mappings Among Data Sources. In: Proc. 29th VLDB Conf., Berlin, German, September 2003, pp. 572–583 (2003)
Melnik, S., Garcia-Molina, H., Rahm, E.: Similarity Flooding: A Versatile Graph Matching Algorithm and its Application to Schema Matching. In: Proc. 18th ICDE, San Jose CA (Febuary 2002)
Melnik, S., Rahm, E., Bernstein, P.A.: Rondo: A Programming Platform for Generic Model Management. In: Proc. SIGMOD 2003 Conf., San Dieago, CA, June 2003, pp. 193–204 (2003)
Park, J., Sandhu, R.: The UCONABC Usage Control Model. ACM Transactions on Information and System Security 7(1) (February 2004)
Pottinger, R.A., Bernstein, P.A.: Merging Models Based on Given Correspondences. In: Proc. 29th VLDB Conf., Berlin, Germany, pp. 826–873 (2003)
Rahm, E., Bernstein, P.A.: A Survey of Approaches to Automatic Schema Matching. VLDB Journal 10(4), 334–350 (2001)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2) (February 1996)
Sandhu, R., Chen, F.: The Multilevel Relational (MLR) Data Model. IEEE Trans. Information and System Security (TISSEC) 1(1) (1998)
Song, G.L., Zhang, K., Kong, J.: Model Management Through Graph Transformations. In: Proc. 2004 IEEE Symp. Visual Languages and Human-Centric Computing, September 2004, pp. 75–82. IEEE CS Press, Rome (2004)
Song, G.L., Zhang, K., Thuraisingham, B., Cao, J.: Towards Access Control of Visual Web Model Management. In: Proc. 2005 IEEE International Conf. on e-Technology, e-Commerce and e-Service (EEE 2005), March 2005. IEEE CS Press, Hong Kong (2005)
Tan, K.-L., Lee, M.L., Wang, Y.: Access Control of XML Documents in Relational Database Systems. In: Proc. Int. Conf. on Internet Computing (IC), Las Vegas, NV (June 2001)
Thuraisingham, B.: Security Constraint Processing in Multilevel Secure Distributed Systems. IEEE Transaction on Knowledge and Data Engineering 2, #2 (1995)
Wang, L., Wijesekera, D., Jajodia, S.: Towards Secure XML Federations. In: Proc. 16th IFIP WG11.3 Working Conference on Database and Application Security, July 28-31 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 IFIP International Federation for Information Processing
About this paper
Cite this paper
Song, G., Zhang, K., Thuraisingham, B., Kong, J. (2005). Secure Model Management Operations for the Web. In: Jajodia, S., Wijesekera, D. (eds) Data and Applications Security XIX. DBSec 2005. Lecture Notes in Computer Science, vol 3654. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11535706_18
Download citation
DOI: https://doi.org/10.1007/11535706_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28138-2
Online ISBN: 978-3-540-31937-5
eBook Packages: Computer ScienceComputer Science (R0)