Prepard by:

1. Mohamed Siddig

2. Mohamed zeinelabdeen

3. Omer Salih

Agenda :

Introduction.

Security in distributed Database.

Security in federated and integrated database.

Security in federated Database.

The effect of heterogeneity and autonomy on federated database security Russell Daviea and

Reinhardt Bothab

a Port Elizabeth Technikon, s20026335@student.petech.ac.za

b Port Elizabeth Technikon, reinhard@petech.ac.za

Background.

Federated Database Systems:

- The term has been used for several different but related

database system architectures. Federated Database System

(FDBS) is a collection of co-perating but autonomous

component database systems.

- The component databases systems (CDBSs) are integrated

to various degrees and are controlled and co-ordinated by

a Federated Database Management System (FDBMS).

The road towards Federated Database Systems:

Characteristics of Federated Database Systems :Distribution.Heterogeneity.Autonomy.

A CDBS participating in a FDBS may possess several

types of autonomy:

Design autonomy .

Communication autonomy .

Execution autonomy .

Association autonomy .

Authorization autonomy .

A Five-level Schema Architecture for Federated Databases

Information security in Database systems:

Confidentiality / Integrity / Availability (CIA).

Security problems in databases :

identifying the threats + policies + mechanisms.

Security in Federated Database Systems :

A FDBS provides interoperability between existing

heterogeneous databases providing two advantages :

a user the capability to retrieve data located at

different heterogeneous databases.

Interoperability is a significant advantage

-- need for protecting the security of the CDBSs and

their local users.

Security in Federated Database Systems :

CDBSs join a FDBS.

establishment of administrative policies.

Identification and authentication.

Authorization autonomy .

Full authorization autonomy .

Medium authorization autonomy

Low authorization autonomy.

Conclusion.

Opinion.

Deriving Global Authorizations for Federated

Databases

Eugene F. Fodor

Department of Computer Science

University of California, Davis, USA 95616

Email: fodor@cs.ucdavis.edu

URL: http://avalon.cs.ucdavis.edu/

Introduction.

Federated Databases.

Federated Database Security Issues:

FDBs pose is the formulation of a global security policy from the

local security policies of CDBs.

FDBs are that the integration of data from multiple sources leads

to new aggregation and inference problems not seen in the CDBs.

Accountability and authentication also become more complicated

for FDBs.

Deriving Authorizations for Integrated Objects

Federated DB Protection Objects:

Constituent schemas provide a common data model:

1. Integrated objects.

2. Local objects.

3. Federated objects.

4. Composite objects.

Exported Local Authorizations and the Dictionary :

Subject Section

Operation Section

Object Section

Global authorization derivation :

Analysis of local authorizations :

auth = <s,op,o> and auth΄= <s΄,op΄,o΄> are Compatible

Auth≈auth΄ ↔(o≈o΄)^(op≈op΄)

Subject Clustering :

A hierarchical clustering technique called single link

clustering is used to derive a similarity tree of subjects.

Global authorization derivation :

Abstraction of Global Authorizations :

There are two rules for authorization abstraction with

regard to operations and objects :

Rule 1 :

Rule 2 :

for objects states that global authorization o¯ for

coincides

with the integrated object o¯ and its local objects.

Deriving Authorizations for Composite Objects.

Conclusion.

Opinion