eSciDoc Infrastructure: a Fedora-based e-Research Framework

4th International Conference on Open RepositoriesThis presentation was part of the session : Fedora User Group PresentationsDate: 2009-05-20 03:30 PM – 05:00 PMeSciDoc is the open-source e-Research environment jointly created by the German Max Planck Society and FIZ Karlsruhe. It consists of a generic set of basic services ("eSciDoc Infrastructure") and various applications built on top of this infrastructure ("eSciDoc Solutions"). This presentation will focus on the eSciDoc Infrastructure, highlight the differences to the underlying Fedora repository, and demonstrate its powerful und application-centric programming model. In the end of 2008, we released version 1.0 of the eSciDoc Infrastructure. Digital Repositories undergo yet again a substantial change of paradigm. While they started several years ago with a library perspective, mainly focusing on publications, they are now becoming more and more a commodity tool for the workaday life of researchers. Quite often the repository itself is just a background service, providing storage, persistent identification, preservation, and discovery of the content. It is hidden from the end-user by means of specialized applications or services. Fedora's approach of providing a repository architecture rather than an end-user tool accommodates well to this evolution. eSciDoc, from the start of the project nearly five years ago, has emphasized this design pattern by separating backend services (eSciDoc Infrastructure) and front-end applications (eSciDoc Solutions)

Patterns for service-oriented information exchange requirements

Service-Oriented Computing (SOC) is an emerging computing paradigm that supports loosely-coupled inter-enterprise interactions. SOC interactions are predominantly specified in a procedural manner that defines message sequences intermixing implementation with business requirements. In this paper we present a set of patterns concerning requirements of information exchange between participants engaging in service-oriented interactions. The patterns aim at explicating and elaborating the business requirements driving the interaction and separating them from implementation concerns

User-Oriented Authorization in Collaborative Environments

Access rights for collaborative systems tend to be rather complex, leading to difficulties in the presentation and manipulation of access policies at the user interface level. We confront a theoretical access rights model with the results of a field study which investigates how users specify access policies. Our findings suggest that our theoretical model addresses most of the issues raised by the field study, when the required functionality can be presented in an appropriate user interface

A Design of MAC Model Based on the Separation of Duties and Data Coloring: DSDC-MAC

Among the access control methods for database security, there is Mandatory Access Control (MAC) model in which the security level is set to both the subject and the object to enhance the security control. Legacy MAC models have focused only on one thing, either confidentiality or integrity. Thus, it can cause collisions between security policies in supporting confidentiality and integrity simultaneously. In addition, they do not provide a granular security class policy of subjects and objects in terms of subjects\u27 roles or tasks. In this paper, we present the security policy of Bell_LaPadula Model (BLP) model and Biba model as one complemented policy. In addition, Duties Separation and Data Coloring (DSDC)-MAC model applying new data coloring security method is proposed to enable granular access control from the viewpoint of Segregation of Duty (SoD). The case study demonstrated that the proposed modeling work maintains the practicality through the design of Human Resources management System. The proposed model in this study is suitable for organizations like military forces or intelligence agencies where confidential information should be carefully handled. Furthermore, this model is expected to protect systems against malicious insiders and improve the confidentiality and integrity of data

Context-aware Authorization in Highly Dynamic Environments

Highly dynamic computing environments, like ubiquitous and pervasive computing environments, require frequent adaptation of applications. Context is a key to adapt suiting user needs. On the other hand, standard access control trusts users once they have authenticated, despite the fact that they may reach unauthorized contexts. We analyse how taking into account dynamic information like context in the authorization subsystem can improve security, and how this new access control applies to interaction patterns, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS), in smart home security