An Exploratory Research on Data Management in the Multidatabase Environment

This paper outlines a research framework on data management in the multidatabase (MDB) environment with the specific focus on the implementation of the federated database system (FDBS). We propose that (1) one essential goal of data management in MDB environment is to balance the organizational tension between empowered subunits and organizational integration and coordination; (2) the selection of FDBS development methodology depends on topologies of organizations; (3) elements of political and power balancing are much relevant to understanding resistance to FDBS implementation; and (4) the role played by middle managers of organizational subunits is two-fold. Empirical studies will be developed with a multi-method approach to investigate relationships proposed herein

Access Control for Data Integration in Presence of Data Dependencies

International audienceDefining access control policies in a data integration scenario is a challenging task. In such a scenario typically each source specifies its local access control policy and cannot anticipate data inferences that can arise when data is integrated at the mediator level. Inferences, e.g., using functional dependencies, can allow malicious users to obtain, at the mediator level, prohibited information by linking multiple queries and thus violating the local policies. In this paper, we propose a framework, i.e., a methodology and a set of algorithms, to prevent such violations. First, we use a graph-based approach to identify sets of queries, called violating transactions, and then we propose an approach to forbid the execution of those transactions by identifying additional access control rules that should be added to the mediator. We also state the complexity of the algorithms and discuss a set of experiments we conducted by using both real and synthetic datasets. Tests also confirm the complexity and upper bounds in worst-case scenarios of the proposed algorithms

Authorization specification and enforcement in Federated Database systems

A federated system is a collection of cooperating autonomous databases. Federated systems represent today one of the new emerging technologies for data management. This success comes from the need to integrate and work on different existing systems that have been developed and have evolved independently. The necessity of making them available to users as if they were a single system, while at the same time not affecting their independent working, arises several issues with respect to authorization management and specification and to access control enforcement. In this paper we discuss some of these issues and present an authorization model for the specification and enforcement of authorizations in federated database systems. The model allows users to make their data available to the federation and to choose among different administrative policies for regulating the specification of authorizations