Authorization model for summary schemas model

Security issues in multidatabases are complicated due to autonomy and heterogeneity of local databases. Deriving global authorizations by integrating underlying local authorizations is difficult since subjects and objects at each local database may not be compatible. In addition, local authorizations may conflict and could not be combined to form common global authorizations. This paper proposes an authorization model for a multidatabase system. The summary schemas model (SSM) is used as the underlying paradigm. The SSM resolves name differences in multidatabases using word relationships defined in a standard dictionary. Hypernyms and hyponyms of access terms exported from local databases are the main components of the SSM as they form a hierarchical metadata structure. SSM global authorizations tagged to hypernyms are derived from local authorizations using global roles and a role hierarchy defined in multidatabases. The model considers roles as common global subjects onto which local subjects can be mapped. Since the mapping can be done independently and autonomously among local databases, authorization autonomy is preserved. The paper also evaluates the performance of the proposed model. The simulation results show that the proposed model offers better performance than the original SSM since user queries with insufficient authority are rejected earlier. This results in less communication and less query response time.