Title: Secure Mediated Databases
Authors: K.S. Candan, V.S. Subrahmanian, Sushil Jajodia.
Abstract
With the evolution of the information superhighway, there is now an immense amount of information available in a wide variety of databases. Furthermore, users often have the ability to access legacy software packages developed by external sources. However, sometimes both the information provided by a data source, as well as one or more of the functions available through a software package may be sensitive -- in such cases, organizations require that access by users be controlled. HERMES ("HEterogeneous Reasoning and MEdiator System") is a platform that has been developed at the University of Maryland within which mediators may be designed and implemented. HERMES has already been used for a number of applications. In this paper, we will provide a formal model of security in mediated systems. We will then develop techniques that are sound and complete and respect security constraints of packages/databases participating in the mediated system. The security constraints described in this paper have been implemented -- we will describe the existing implementation.