In-broker Access Control for Information Brokerage Systems
An XML brokerage system is a distributed XML database system that comprises data sources and brokers which, respectively, hold XML documents and document distribution information. Databases can be queried through brokers with no schema-relevant or geographical difference being noticed. However, all...
Saved in:
Main Authors: | , , , , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2007
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/1783 http://www.asmemesa.org/ezconf/IJICS/issue.php?id=16 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-2782 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-27822013-03-15T10:12:03Z In-broker Access Control for Information Brokerage Systems LI, Fengjun LUO, Bo LIU, Peng LEE, Dongwon Mitra, Prasenjit LEE, Wang-Chien CHU, Chao-Hsien An XML brokerage system is a distributed XML database system that comprises data sources and brokers which, respectively, hold XML documents and document distribution information. Databases can be queried through brokers with no schema-relevant or geographical difference being noticed. However, all existing information brokerage systems view or handle query brokering and access control as two orthogonal issues: query brokering is a system issue that concerns costs and performance, while access control is a security issue that concerns information confidentiality. As a result, access control deployment strategies (in terms of where and when to do access control) and the impact of such strategies on end-to-end system performance are neglected by existing information brokerage systems. In addition, data source side access control deployment is taken-for-granted as the ``right'' thing to do. In this paper, we challenge this traditional, taken-for-granted access control deployment methodology, and we show that query brokering and access control are {\bf not} two orthogonal issues because access control deployment strategies can have significant impact on the ``whole'' system's end-to-end performance. We propose the first in-broker access control deployment strategy where access control is ``pushed'' from the boundary into the ``heart'' of the information brokerage system. We design and evaluate the in-broker access control scheme for information brokerage systems. Our experimental results indicate that information brokerage system builders should treat access control as a system issue as well. 2007-12-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/1783 http://www.asmemesa.org/ezconf/IJICS/issue.php?id=16 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Brokerage System Role Based Access Control XML Computer Sciences Finance and Financial Management Management Information Systems |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
Information Brokerage System Role Based Access Control XML Computer Sciences Finance and Financial Management Management Information Systems |
spellingShingle |
Information Brokerage System Role Based Access Control XML Computer Sciences Finance and Financial Management Management Information Systems LI, Fengjun LUO, Bo LIU, Peng LEE, Dongwon Mitra, Prasenjit LEE, Wang-Chien CHU, Chao-Hsien In-broker Access Control for Information Brokerage Systems |
description |
An XML brokerage system is a distributed XML database system that comprises data sources and brokers which, respectively, hold XML documents and document distribution information. Databases can be queried through brokers with no schema-relevant or geographical difference being noticed. However, all existing information brokerage systems view or handle query brokering and access control as two orthogonal issues: query brokering is a system issue that concerns costs and performance, while access control is a security issue that concerns information confidentiality. As a result, access control deployment strategies (in terms of where and when to do access control) and the impact of such strategies on end-to-end system performance are neglected by existing information brokerage systems. In addition, data source side access control deployment is taken-for-granted as the ``right'' thing to do. In this paper, we challenge this traditional, taken-for-granted access control deployment methodology, and we show that query brokering and access control are {\bf not} two orthogonal issues because access control deployment strategies can have significant impact on the ``whole'' system's end-to-end performance. We propose the first in-broker access control deployment strategy where access control is ``pushed'' from the boundary into the ``heart'' of the information brokerage system. We design and evaluate the in-broker access control scheme for information brokerage systems. Our experimental results indicate that information brokerage system builders should treat access control as a system issue as well. |
format |
text |
author |
LI, Fengjun LUO, Bo LIU, Peng LEE, Dongwon Mitra, Prasenjit LEE, Wang-Chien CHU, Chao-Hsien |
author_facet |
LI, Fengjun LUO, Bo LIU, Peng LEE, Dongwon Mitra, Prasenjit LEE, Wang-Chien CHU, Chao-Hsien |
author_sort |
LI, Fengjun |
title |
In-broker Access Control for Information Brokerage Systems |
title_short |
In-broker Access Control for Information Brokerage Systems |
title_full |
In-broker Access Control for Information Brokerage Systems |
title_fullStr |
In-broker Access Control for Information Brokerage Systems |
title_full_unstemmed |
In-broker Access Control for Information Brokerage Systems |
title_sort |
in-broker access control for information brokerage systems |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2007 |
url |
https://ink.library.smu.edu.sg/sis_research/1783 http://www.asmemesa.org/ezconf/IJICS/issue.php?id=16 |
_version_ |
1770571497231876096 |