Secure Mediated Databases

With the evolution of the information superhigh-way, there is now an immense amount of information available in a wide variety of databases. Furthermore , users often have the ability to access legacy software packages developed by external sources. However, sometimes both the information provided by a data source, as well as one or more of the functions available through a software package may be sensitive { in such cases, organizations require that access by users be controlled. HERMES (\HEterogeneous Reasoning and MEdiator System") is a platform that has been developed at the University of Maryland within which mediators may be designed and implemented. HER-MES has already been used for a number of applications 7, 3]. In this paper, we will provide a formal model of security in mediated systems. We will then develop techniques that are sound and complete and respect security constraints of packages/databases participating in the mediated system. The security constraints described in this paper have been implemented { we will describe the existing implementation.