Federated Databases
A look at subject switching algorithms for access control in federated databases.
39,375 words (approx. 157.5 pages) | 134 sources | MLA | 2004
Paper Summary:
This paper examines the concept of abstract authentication in federated database systems and the difficulties that arise because the autonomously operated components may not know the identity of federation users. One proposed solution is subject switching, in which the federation translates the federated user's identity to that of an agreed-upon component subject. The paper looks at how this translation may be problematic when no component subject has the same accesses that the federation user requests. It proposes using proximity measures between requested and provided access and presents two policy-neutral algorithms to find proximity-minimizing matches between a federation subject and a collection of component subjects. It also explores the concepts relating to federated databases, authorization and access, and proposes some algorithms that will facilitate the subject switching method of reconciling access requirements.
Outline
Section 1
Abstract
Background
Introduction
Characteristics of Federated Databases
Homogeneous vs. Heterogeneous Databases
Agents
Agents and Meaning
Perspective
Types of Meaning
Semantics Versus Pragmatics
Context
Coverage of Communicative Acts
Mental Versus Social Agency
Section 2
Federated Database Systems and Autonomy
Design Autonomy
Communication Autonomy
Execution Autonomy
Association Autonomy
Authorization Autonomy
Distribution Transparency (i.e., Schema Integration)
Tightly Coupled
Limited Tight Coupling
Loosely Coupled
Federated Database Security
Authorization
Standards for Authentication
Decentralized vs. Centralized Authorization
Access Controls
User Based Access Control (UBAC)
Policy Based Access Control
Content Dependent Access Control (CDAC)
Context Based Access Control (CBAC)
View Based Access Control (VBAC)
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role Based Access Control (RBAC)
Section 3
Subject Switching
Subject Mapping Algorithms
Mapping Process
Federation Mapping Process
Federation Identity
Component Mapping Process
Minimum Disparity Measure
Mapping Algorithm
Create Object Sets
Identify Component Subjects
Evaluate Matching Subjects
Access Disparity Measures
Numerical Disparity Measure
Comparing Disparity Measures to Approximate Measures
Approximate Disparity Measure Comparison
Motivating Example
Access Compatibility Measures and Algorithms
Compatibility of Permissions and their Disparity Measures
Cardinality
Express Specification
Section 4
Metrics
Algorithm 1 (Least Under Permitting Algorithm)
Algorithm 2 (Least Over Permitting Algorithm)
Approximations: Metrics And Mappings
Approximate Mapping Algorithms
Algorithm 3 (Approximate Under Permitting Algorithm)
Algorithm 4 (Approximate Over Permitting Algorithm)
Properties of Algorithms 3 and Algorithm 4
Multilevel Federations
Non-Protected Database
Axioms
Deductive Channels Control Theorems
Signalling Channels Control Theorems
Cover Story
Multi-view Databases
Languages
Section 5
Conclusions and Ongoing Work
References
From the Paper:
"Heimbigner and McLeod coined the phrase Federated Database System in 1985, and Sheth and Larson later confirmed the formal definition. While the term has been loosely used to refer to several different but related database systems, they more precisely and unanimously define it as a collection of cooperating but autonomous component database systems. [SL90] (According to Özsu 1999, semi-autonomous systems are termed federative DBMS). A federated database system represents a compromise between no integration, wherein users must explicitly interface with multiple autonomous databases, and total integration, where the autonomy of each distinct database is sacrificed in order to allow users access through a single global interface."