Your World of Legal Intelligence
 United Kingdom | +44 (0) 20 7284 8080

A secure solution for commercial digital libraries

Document Cited in Related
Vincent
Pages147-159
Published date01 June 2003
DOIhttps://doi.org/10.1108/14684520310481418
Date01 June 2003
AuthorMariemma I. Yagüe,Antonio Maña,Javier López,Ernesto Pimentel,José M. Troya
Subject MatterInformation & knowledge management,Library & information science
A secure solution for
commercial digital
libraries
Mariemma I. YaguÈe
Antonio ManÄa, Javier LoÂpez
Ernesto Pimentel and
Jose M. Troya
Introduction
Digital libraries integrate a variety of
information technologies that provide
opportunities to assemble, organise and
access large volumes of information from
multiple repositories. Because of the high
quality and value of the contents, it is
becoming frequent that access to digital
libraries' assets (not only the contents but also
services such as searching and abstracting) is
subject to the payment of a fee. Digital
libraries usually contain objects with
heterogeneous security requirements.
Securing the access to digital libraries poses
important challenges because of the specific
characteristics found in their environments.
Some of these characteristics are the
following:
.usually, libraries are offered to previously
unknown users;
.payment or other activities (e.g. the
execution of copyright agreements) must
be bound to the access to the objects;
.the originator or owner of the object must
retain control over it regardless of the
storage location and even after it is
accessed by users (this is known as
persistent protection);
.a high degree of flexibility is required
because of the heterogeneous nature of
the objects;
.the ability to change the access control
parameters dynamically and transparently
is also essential in most digital libraries;
and finally
.due to the large amount of objects, it is
important to determine access conditions
automatically, based on information
about objects.
Although those problems for controlling
access in distributed systems can be seen as
general, it is clear that new solutions are
required to address the needs of some of the
new distributed applications, as it is the case
with digital libraries, but also Web services or
grid computing. Among the problems found
on existing access control systems, we
emphasise the following:
The authors
Mariemma I. YaguÈe,Antonio ManÄaand Javier Lo pez
are Associate Professors, and Ernesto Pimentel and
Jose M. Troya are Professors, all in the Computer Science
Department of the University of Ma laga, Malaga, Spain.
Keywords
Digital libraries, Distributed computing,
Distribution requirements planning,
Systems management, Data security
Abstract
Distributed systems usually contain objects with
heterogeneous security requirements that pose important
challenges for the underlying security mechanisms and
especially in access control systems. Access control in
distributed systems often relies on centralised security
administration. Existing solutions for distributed access
control do not provide the flexibility and manageability
required. This paper presents the XML-based secure content
distribution (XSCD) infrastructure, which is based on the
production of protected software objects that convey
contents (software or data) and can be distributed without
further security measures because they embed the access
control enforcement mechanism. It also provides means for
integrating privilege management infrastructures (PMIs).
Semantic information is used in the dynamic instantiation
and semantic validation of policies. XSCD is scalable,
facilitates the administration of the access control system,
guarantees the secure distribution of the contents, enables
semantic integration and interoperability of heterogeneous
sources, provides persistent protection and allows actions
(such as payment) to be bound to the access to objects.
Electronic access
The Emerald Research Register for this journal is
available at
http://www.emeraldinsight.com/researchregister
The current issue and full text archive of this journal is
available at
http://www.emeraldinsight.com/1468-4527.htm Refereed article received 26 February 2003
Approved for publication 7 March 2003
This work was partially supported by the Spanish
Ministry of Science and Technology Project
TIC2002-04500-C02-02.
147
Online Information Review
Volume 27 .Number 3 .2003 .pp. 147-159
#MCB UP Limited .ISSN 1468-4527
DOI 10.1108/14684520310481418

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT