This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Computational Issues in Secure Interoperation
January 1996 (vol. 22 no. 1)
pp. 43-52

Abstract—Advances in distributed systems and networking technology have made interoperation not only feasible but also increasingly popular. We define the interoperation of secure systems and its security, and prove complexity and composability results on obtaining optimal and secure interoperation. Most problems are NP-complete even for systems with very simple access control structures, while for a general setting the problem is undecidable. Nevertheless, composability reduces complexity in that secure global interoperation can be obtained incrementally by composing secure local interoperation. We illustrate, through an application in secure database interoperation, how these theoretical results can help system designers in practice.

[1] A.P. Seth and J.A. Larson,“Federated database systems for managing distributed, heterogeneous andautonomous databases,” ACM Computing Surveys, vol. 22, no. 3, pp. 184-236, September 1990.
[2] U.S. National Computer Security Center, Trusted Network Interpretation, NCSC-TG-005, version-1, July 1987.
[3] NCSC, Trusted Network Interpretation Environments Guideline, (U.S.) National Computer Security Center, NCSC-TG-011, version-1, August 1990.
[4] J.A. Bull, L. Gong, and K.R. Sollins, "Towards security in an open systems federation," Proc. European Symp. Research in Computer Security,Toulouse, France, vol. 648, Lecture Notes in Computer Science, pp. 3-20, Springer-Verlag, Nov. 1992.
[5] B. Lampson, "Protection," Proc. 5th Princeton Symp. Information Sciences and Systems, Princeton Univ., Mar. 1971; reprinted inACM Operating Systems Review, Jan. 1974, pp. 18-24.
[6] M.A. Harrison, W.L. Ruzzo, and J.D. Ullman, "Protection in operating systems," Comm. ACM, vol. 19, no. 8, pp. 461-471, Aug. 1976.
[7] R.S. Sandhu, "The typed access matrix model," Proc. IEEE Symp. Research in Security and Privacy,Oakland, Calif., pp. 122-136, May 1992.
[8] D.E. Bell and L.J. La Padula, "Secure computer system: Unified exposition and multics interpretation," Tech. Report ESD-TR-75-306, Bedford, Mass: The MITRE Corporation, Mar. 1976.
[9] C.E. Landwehr, "Formal models for computer security," ACM Computing Survey, vol. 13, no. 3, pp. 247-278, Sept. 1981.
[10] J.A. Goguen and J. Meseguer, "Security polices and security models," Proc. IEEE Symp. Security and Privacy,Oakland, Calif., pp. 11-20, Apr. 1982.
[11] M. Satyanarayanan, "Integrating security in a large distributed system," ACM Trans. Computer System, vol. 7, no. 3, pp. 247-280, Aug. 1989.
[12] M.R. Garey and D.S. Johnson, Computers and Intractability,New York: W.H. Freeman and Co., p. 192, p. 198, 1979, Paperback edition 1991.
[13] G. Pernul, "Canonical security modeling for federated databases," Proc. IFIP TC2/WG2.6 Conf. Semantics of Interoperable Database Systems, Nov. 1992.
[14] D. McCullough,"A hookup theorem for multilevel security," IEEE Trans. Software Engineering, vol. 16, pp. 563-568, June 1990.
[15] V.E. Jones and M. Winslett, "Secure database interoperation via role translation," Security for Object-Oriented Systems, B. Thuraisingham, R. Sandhu, and T.C. Ting, eds., London: Springer-Verlag, 1994. A previous version appeared as Technical Report, Dept. of Computer Science, Univ. of Illinois at Urbana-Champaign, Apr. 1993.
[16] S. Arora, G. Lund, R. Motwani, M. Sudan, and M. Szegedy, "Proof verification and hardness of approximation problems," Proc. IEEE 33rd Annual Symp. Foundations of Computer Science,Pittsburgh, Penn., pp. 14-23, Oct. 1992.
[17] D.F.C. Brewer and M.J. Nash, "The chinese wall security policy," Proc. IEEE Symp. Security and Privacy,Oakland, Calif., pp. 206-214, Apr. 1989.
[18] L. Gong and X. Qian, "The complexity and composability of secure interoperation," Proc. IEEE Symp. Research in Security and Privacy,Oakland, Calif., pp. 190-200, May 1994.

Index Terms:
Computer security, database systems, interoperability, secure composability, algorithms, computational complexity.
Citation:
Li Gong, Xiaolei Qian, "Computational Issues in Secure Interoperation," IEEE Transactions on Software Engineering, vol. 22, no. 1, pp. 43-52, Jan. 1996, doi:10.1109/32.481533
Usage of this product signifies your acceptance of the Terms of Use.