Security Enforcement in the DOK Federated Database System

The Distributed Object Kernel (DOK) is a federated database system currently under development at the Royal Melbourne Institute of Technology. One of the issues currently under study is the development of a federated access control, as well a secure logical architecture allowing the DOK system to enforce federated security policies in the context of autonomous, distributed and heterogeneous databases. In this paper, we propose a Uni ed Security Model aiming for the integration of existing access control models, such as Mandatory Access Control and Discretionary Access Control, which could have been imposed on local components of a DOK application. Also, we extend the initial DOK multi-layered architecture proposed in (Tari et al. 1996) to include di erent types of security agents allowing the enforcement of di erent security functions within a federated environment. Coordination agents are responsible for maintaining a federation in a secure state by delegating the di erent functions to speci c agents, called Task agents. By delegating the access of information within local databases to Database agents, the Task agents enforce the federated security policies using speci c security procedures.