Abstract
A secure mediated information system should support scenarious where dynamically changing information sources advertise their information resources, and application specific mediators collect and assemble these resources into useful information in order to support the requests of their spontaneous clients. While doing this, the mediators should enforce security constraints in the application environments. In this paper, we compare mediated information systems with federated database systems with respect to design issues and security issues in order to clarify the different motivations of both systems. Furthermore, we present our secure mediated querying protocol using the concepts of credentials for authentic authorization. We also highlight some multimedia specific security requirements and mechanisms.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
Bibliography
A., K. C; Ambite, J. L. (1997). Agents for Information Gathering. In: Bradshaw, J. M. (ed.): Software Agents. MIT Press, Cambridge. http://www.isi.edu/sims/knoblock/info-agents.html.
Altenschmidt, C.; Biskup, J.; Freitag, J.; Sprick, B. (1998). Weakly constraining multimedia types based on a type embedding ordering. In: Proc. 4th Int. Workshop on Multimedia Information Systems, pages 121–129. Istanbul, Turkey.
Anderson, R. (ed.) (1996). 1st International Workshop on Information Hiding, LNCS, Cambridge, England. Springer-Verlag.
Arens, Y.; Knoblock, C. A.; Shen, W. (1996). Query Reformulation for Dynamic Information Integration. Journal of of Intelligent Information Systems 6 (2–3).
Bayardo, R. J. et al. (1997). InfoSleuth: Agent-based Semantic Integration of Information in Open and Dynamic Environments. In: SIGMOD’97, pages 195- 206. Tucson, AZ, USA.
Biskup, J.; Freitag, J.; Karabulut, Y.; Sprick, B. (1997a). A Mediator for multimedia systems. In: Proc. 3rd Int. Workshop on Multimedia Information Systems, pages 145–153. Como, Italia.
Biskup, J.; Freitag, J.; Karabulut, Y.; Sprick, B. (1997b). Query Evaluation in an object-oriented multimedia mediator. In: Proc. 4th Int. Conf. on Object-Oriented Information Systems, pages 31–43. Springer Verlag, Brisbane, Australia.
Biskup, J.; Flegel, U.; Karabulut, Y. (1998). Secure Mediation: Requirements and Design. In: 12th Annual IFIP WG 11. 3 Working Conference on Database Security. Chalkidiki, Greece.
Candan, K. S.; Jajodia, S.; Subrahmanian, V. S. (1996). Secure Mediated Databases. In: Y. W. Su, S. (ed.): 12th International Conference on Data Eng., pages 28–37. IEEE, IEEE Computer Society Press, New Orleans, Louisiana, USA.
Carey, M. J. et al. (1995). Towards Heterogeneous Multimedia Information Systems: The Garlic Approach. In: Proceedings of the Fifth International Workshop on Research Issues in Data Engineering(RIDE): Distributed Object Management, pages 123–130. L. A., California.
Chaum, D. (1985). Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28 (10), pages 1030–1044.
Cheng, H.; Li, X. (1996). On the application of image decomposition to image compression and encryption. In: Hörster, P. (ed.): Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security, pages 116–127. Chapman andx Hall, Essen, Germany.
Crusselles, E. et al. (1995). Secure Communications in Broadband Networks. In: Proceedings of the 3rd International Conference on Telecommunication Systems, pages 114–122. Nashville, Tennessee, USA.
Genesereth, M.; Ketchpel, S. (1994). Software Agents. Communications of the ACM 37 (7), pages 48 - 53.
Heimbigner, D.; McLeod, D. (1985). A federated architecture for information management. ACM Transactions on Office Information Systems 3 (3), pages 253–278.
Hull, R.; Zhou, G. (1996). A Framework for Supporting Data Integration Using the Materialized and Virtual Approaches. In: ACM SIGMOD’96, pages 481–492. ACM, Montreal, Canada.
IETF SPKI Working Group. (1998). SPKI Certificate Documentation. http://www.clark.net/pub/cme/html/spki.html.
Jajodia, S.; Samarati, P.; Subrahmanian, V.; Bertino, E. (1997). A Unified Framework for Enforcing Multiple Access Control Policies. In: SIGMOD’97, pages 474 - 485. Tucson, AZ, USA.
Jonscher, D.; Dittrich, K. R. (1994). An Approach For Building Secure Database Federations. In: Proceedings of the 20th international conference on very large databases, pages 24–35.
Levy, A. Y.; Rajaraman, A.; Ordille, J. J. (1996). Querying Heterogeneous Information Sources Using Source Descriptions. In: Proceedings of 22nd international Conference on Very Large Data Bases VLDB’96, pages 251–262. Morgan Kaufmann, Mumbai (Bombay), India.
Litwin, W.; Mark, L.; Roussopoulos, N. (1990). Interoperability of multiple autonomous databases. ACM Computing Surveys 22 (3), pages 267–293.
Liu, L.; Pu, C. (1995). Distributed Interoperable Object Model and Its Application to Large-scale Interoperable Database Systems. In: Proceedings of ACM International Conference on Information and Knowledge Management (CIKM’95).
Macq, B.; Quisquater, J.-J. (1995). Cryptology for digital TV broadcasting. Proceedings of the IEEE 83 (6), pages 944–957.
Mena, E.; Kashyap, V.; Sheth, A.; Illarramendi, A. (1996). OBSERVER: an Approach for Query Processing in Global Information Systems based on Interoperation accross Pre-existing Ontologies. In: First IFCIS International Conference on Cooperative Information Systems (CoopIS’96). Brussels, Belgium.
Object Management Group. (1995). The Common Object Request Broker, Architecture and Specification, Revision 2. 0. http://www.omg.org/corba/corbiiop.htm.
Pfitzmann, B.; Waidner, M. (1997). Anonymous Fingerprinting. In: EuroCrypt’97, LNCS. Springer-Verlag, Berlin.
RACE Concertation. (1994). Conditional Access Workshop, 44th RACE Concertation Meeting, Brüssel.
Rivest, R. L.; Lampson, B. (1998). A Simple Distributed Security Infrastructure (SDSI). http://theory.lcs.mit.edu/cis/sdsi.html.
Sandhu, R. (1996). Role hierarchies and Constraints for Lattice-based access controls. In: Bertino, E.; Kurth, H.; Martella, G.; Montolivo, E. (eds.): ESORICS 96, pages 65–79. Springer-Verlag, Rome, Italy.
Sandhu, R.; Coyne, E.; Feinstein, H.; Youman, C. (1996). Role-Based access control models. IEEE Computer 2, pages 38–47.
Sheth, A. P.; Larson, J. A. (1990). Federated Database Systems for Managing Distributed, Heterogeneous, and Autonomous Databases. ACM Computing Surveys 22(3J, pages 183–236.
Storck, D.; Koch, E. (1997). Controlable User Access on Multimedia Data in World Wide Web. In: Proceedings of the International Conference on Image Science, Systems, and technology (CISST’97), pages 270–278. Las Vegas, Nevada USA.
Subrahmanian, V. S.; Adali, S.; Brink, A.; Emery, R. HERMES: Heterogeneous Reasoning and Mediator System. Submitted for publication. http://www.es.umd.edu/projects/hermes/.
Tomasic, A.; Raschid, L.; Valduriez, P. (1995). Scaling Heterogeneous Databases and the Design of DISCO. In: Proceedings of the International Conference on Distributed Computer Systems. Hong Kong.
Ullman, J. D. (1997). Information Integration Using Logical Views. In: Proceedings of the 6th International Conference on Database Theory, ICDT’97, LNCS, pages 19 - 40. Springer-Verlag, Berlin, Delphi, Greece.
Wells, D. (1996). Wrappers: Survey.
Wiederhold, G.; Genesereth, M. (1997). The Conceptual Basis for Mediation. IEEE Expert, Intelligent Systems and their Applications 12 (5), pages 38 - 47.
Wiederhold 95] Wiederhold, G. (1995). 13 (Intelligent Integration of Information) Glossary. http://www-db.stanford.edU/pub/gio/1994/vocabulary.html#value.
Wiederhold 971 Wiederhold, G.; Bilello, M.; Donahue, C. (1997). Web Implementation of a Security Mediator for Medical Databases. In: Lin, T. Y.; Qian, S. (eds.): Database Security XI: Status and Prospects, Proceedings of the 11th Annual IFIP WG11 Working Conference on Database Security, pages 60–72. IFIP, Chapman andx Hall, Lake Tahoe, California.
Yang, L. L.; Özsu, T.; Liu, L. (1997). Accessing Heterogeneous Data Through Homogenization and Integration Mediators. In: Second IFCIS Conference on Cooperative Information Systems (CoopIS-97). Charleston, South Carolina.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1999 Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, Braunschweig/Wiesbaden
About this chapter
Cite this chapter
Biskup, J., Flegel, U., Karabulut, Y. (1999). Towards Secure Mediation. In: Röhm, A.W., Fox, D., Grimm, R., Schoder, D. (eds) Sicherheit und Electronic Commerce. DuD-Fachbeiträge. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-84901-4_7
Download citation
DOI: https://doi.org/10.1007/978-3-322-84901-4_7
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-03139-8
Online ISBN: 978-3-322-84901-4
eBook Packages: Springer Book Archive