The Center for Education and Research in Information Assurance and Security (CERIAS)


Reports and Papers Archive



Using spatial data access structures for filtering nearest neighbor queries

Elisa Bertino, A. Belussi, B. Catania

The detection of the nearest neighbor object to a given point in the reference space (NN query) is a common problem in geographical information systems (GISs). Data structures supporting range queries are not always adequate to support NN queries. For this reason, additional data structures, mainly relying on the use of some kind of tree, have been proposed. The main drawback of such solutions is that at least one tree path has to be analyzed in order to determine the NN object. In this paper, we overcome this problem by considering information on the reference space to improve the search. In particular, we propose a data structure that is obtained by integrating the R+-tree with a regular grid, indexed by using a hashing technique. The resulting data structure combines the advantages of a rectangular decomposition of the space, typical of R+-trees, with a direct access to each portion of the space, typical of hashing. The proposed technique is then compared both theoretically and experimentally with the R+-tree.

Added 2008-04-28

Access Control Strategies for Virtualized Environments in Grid Computing Systems

Elisa Bertino, Squicciarini, Goasguen

The development of adequate security solutions and in particular of authentication and authorization techniques for grid computing systems is a challenging task. Challenges arise from the heterogeneity of users, the presence of multiple security administration entities, the heterogeneity of security techniques used at the various grid hosts, the scalability requirements, and the need for high-level policies concerning resource sharing. Recent trends, like accessing grids through science gateways and the use of virtual organizations (VO) for managing user communities, further complicate the problem of security for grid computing systems. Currently, the GSI component developed as part of the Globus Toolkit, the de-facto standard for grid infrastructures, is not fully suited to meet those challenges. The main drawback of such an approach is that it relies on a low-level identity-based authorization scheme. A low-level access control policy maps a user’s identity (distinguished name) to a local account. Such an approach does not scale and does not address many of the outlined requirements. We thus need security solutions that go beyond the simple solutions currently in use. The goal of this paper is to make a first step towards such solutions. The paper discusses and analyzes authentication and authorization solutions that better fit novel grid infrastructures characterized by virtual organizations and science gateways. Some of these solutions derive from ongoing work in current grid infrastructure projects; others are new proposals that we think worthy of discussion. In particular, we analyze the solutions proposed as part of the GridShib and the VO Privilege projects.

Added 2008-04-28

A Decentralized Approach for Controlled Sharing of Resources in Virtual Communities

Elisa Bertino, Anna C. Squicciarini

A virtual community is a composition of heterogeneous and independently designed subsystems, focusing on large-scale resource sharing, innovative applications and in some cases high performance computation. The sharing that we refer to is the direct access to computers, software, and data emerging in fields like science, industry and engineering. Several open issues need to be addressed in order to make these dynamic environments possible, such as how to manage access policies to coordinate resource sharing, how to establish a community, how to ensure that member communities respect community policies and so on.

Added 2008-04-28


Architectural issues for a location-aware role-based access control system

Elisa Bertino, Maria Luisa Damiani

An increasingly important category of location-based services (LBS) responding to the demands of mobility in organizations is represented by Enterprise LBS (E-LBS). E-LBS pose challenging requirements, including the need of selective access to the services based on the position of mobile users and spatially-bounded organizational functions. To address these requirements a general architectural framework for an access control system based on location-aware roles is introduced.

Added 2008-04-28

An XML-Based Approach to Document Flow Verification

Elisa Bertino, Elena Ferrari, Giovanni Mella

The paper proposes an XML-based approach for a controlled distribution of documents, that must be subject to distributed and collaborative updates. In particular, the approach we propose allows one to attach a flow policy to a document, that partially or totally specifies the list of subjects that have to receive the document. Flow policies associated with documents can be dynamically changed during document transmission. Such modifications are regulated by a set of modification control rules, specified according to a model that we present in this paper. A key feature of the proposed solution is that a subject, upon receiving a document can also locally verify the correctness of the path and of the modification operations possibly performed over it, without interacting with other parties. In the paper, besides presenting the language to specify flow policies and modification control rules, we describe the suite of protocols we have developed to perform the above-mentioned checks on document paths.

Added 2008-04-28

Access to Multigranular Temporal Objects

Elisa Bertino, Elena Ferrari, Giovanni Mella

In this paper we discuss access to object attributes in a multigranular temporal object-oriented data model that handles the expiration of dynamic attributes, according to the age of data and their granularity [4]. Different strategies can be applied, with respect to available data and to the preferences specified by the user on either accuracy or efficiency in executing a query. We devise some properties of object access that can be applied to speed up the query process, such as the invariance of the queries results with respect to expiration operations, and the static detection of unsolvability of a query.

Added 2008-04-28

Ws-AC: A Fine Grained Access Control System for Web Services

Elisa Bertino, Anna C. Squicciarini, Ivan Paloscia, Lorenzo Martin

The emerging Web service technology has enabled the development of Internet-based applications that integrate distributed and heterogeneous systems and processes which are owned by different organizations. However, while Web services are rapidly becoming a fundamental paradigm for the development of complex Web applications, several security issues still need to be addressed. Among the various open issues concerning security, an important issue is represented by the development of suitable access control models, able to restrict access to Web services to authorized users. In this paper we present an innovative access control model for Web services. The model is characterized by a number of key features, including identity attributes and service negotiation capabilities. We formally define the protocol for carrying on negotiations, by specifying the types of message to be exchanged and their contents, based on which requestor and provider can reach an agreement about security requirements and services. We also discuss the architecture of the prototype we are currently implementing. As part of the architecture we propose a mechanism for mapping our policies onto the WS-Policy standard which provides a standardized grammar for expressing Web services policies.

Added 2008-04-28

Security for grid-based computing systems issues and challenges

Elisa Bertino, Bruno Crispo, James Joshi, Wengliang (Kevin) Du, Ravi Sandhu

Grid systems were initially developed for supporting scientific computations. Today, companies, users and researchers are looking at ways to use the Grid approach for commercial uses and for applications in many different areas. Security in grid systems, however, has not been much addressed and yet is an important prerequisite to really make grid systems usable in a variety of commercial applications. The goal of this panel is to explore relevant security issues, with special emphasis on access control, for grid-based computing systems. The panel will discuss security requirements that are specific to grid-based systems and set these systems apart from conventional distributed systems, and outline directions for future research. Questions addressed by the panel include the following ones:

  * What needs to be protected in a grid system: hosts, resources, data, computations?
  * Access control languages and policies: do we need ad-hoc languages for specifying access control policies for grid hosts? If so, which would be the most relevant features of these languages?
  * User requirements: different grid hosts may provide different levels of security. How can a user specify his/her security requirements when running computations? Which assurance has the user that his/her own requirements have been met?
  * Scalability and evolution: grid computing systems may encompass a very large number of nodes (hundreds or even thousands). Moreover, they can be quite dynamic with hosts and clients dynamically joining and leaving. How can we design scalable access systems able to cope with the required dynamicity?

Added 2008-04-28

Privacy-aware role based access control

Elisa Bertino, Qun Ni, Alberto Trombetta, Jorge Lobo

Privacy has been acknowledged to be a critical requirement for many business (and non-business) environments. Therefore, the definition of an expressive and easy-to-use privacy related access control model, based on which privacy policies can be specified, is crucial. In this work we introduce a family of models (P-RBAC) that extend the well known RBAC model in order to provide full support for expressing highly complex privacy-related policies, taking into account features like purposes and obligations. We also compare our work with access control and privacy policy frameworks such as P3P, EPAL, and XACML.

Added 2008-04-28

Hierarchical data placement for navigational multimedia applications

Elisa Bertino, Athena Vakali, Evimaria Terzi, Ahmed Elmagarmid

Navigation has added interactivity in nowadays multimedia applications which support effective accessing to objects of various formats and presentation requirements. Storage issues need to be reconsidered for the new type of navigational multimedia applications, in order to improve system’s performance. This paper addresses the problem of multimedia data storage towards improving data accessibility and request servicing under navigational applications. A navigational graph-based model (for the multimedia data representation) is proposed to guide the data placement under a hierarchical storage topology. The multimedia data dependencies, access frequencies and timing constraints are used to characterize the graph nodes which correspond to multimedia objects allocated at the tertiary storage level. Based on certain defined popularity criteria, data are elevated and placed on secondary level towards improving both the request servicing and data accessibility. The proposed multimedia data elevation is a prefetching approach since it is performed “apriori” (not on demand) based on previously extracted user access patterns. Appropriate data placement policies are also employed at the secondary level, and a simulation model has been developed based on current commercial tertiary and secondary storage devices. This model is used to evaluate the proposed popularity based data elevation approach as employed under a hierarchical storage subsystem. Experimentation is performed under artificial data workloads and it is shown that the proposed hierarchical data placement approach considerably improves data accessing and request servicing in navigational multimedia applications. The iterative improvement placement is proven to outperform earlier related multimedia data placement policies with respect to commonly used performance metrics.

Added 2008-04-28

DiXeminator: A Profile-Based Selective Dissemination System for XML Documents

Elisa Bertino, Giovanna Guerrini, Marco Mesiti

Current approaches for the selective dissemination of XML documents are not suitable for an automatic adaptation of user profiles to her current preferences because either they rely on user preferences specified by filling up forms or they require processing a high number of documents. In this paper we present the architecture of DiXeminator, a selective dissemination system for XML documents based on profiles. Profiles, represented through XML Schema, concisely represent the kind of documents a user subscribing to the service is interested in. Profiles are used for filtering out irrelevant documents relying on user preferences. Moreover, profiles are kept up to date taking into account the documents the user effectively accesses or refuses.

Added 2008-04-28

A Logical Approach to Quality of Service Specification in Video Databases

Elisa Bertino, Ahmed K. Elmagarmid, Mohand-Saïd Hacid

Quality of Service (QoS) is defined as a set of perceivable attributes expressed in a user-friendly language with parameters that may be objective or subjective. Objective parameters are those related to a particular service and are measurable and verifiable. Subjective parameters are those based on the opinions of the end-users. We believe that quality of service should become an integral part of multimedia database systems and users should be able to query by requiring a quality of service from the system. The specification and enforcement of QoS presents an interesting challenge in multimedia systems development. A deal of effort has been done on QoS specification and control at the system and the network levels, but less work has been done at the application/user level. In this paper, we propose a language, in the style of constraint database languages, for formal specification of QoS constraints. The satisfaction by the system of the user quality requirements can be viewed as a constraint satisfaction problem, and the negotiation can be viewed as constraint optimization. We believe this paper represents a first step towards the development of a database framework for quality of service management in video databases. The contribution of this paper lies in providing a logical framework for specifying and enforcing quality of service in video databases. To our knowledge, this work is the first from a database perspective on quality of service management.

Added 2008-04-28

A secure framework for publishing virtual community contracts

Elisa Bertino, Anna Cinzia Squicciarini, Federica Paci

The notion of Virtual Community (VC) is today an important paradigm to enable dynamic and large-scale collaboration activities over the web. In many of those activities, security is an important key requirement that to date has not been widely investigated. In this paper, we make a step towards addressing such a problem. We focus on the issue of secure publishing of VC policies because policies represent a key component for any VC. Their security is thus crucial for the proper functioning of the VC. In the paper, after discussing the motivation for the proposed work, we develop protocols for the secure publication of protocols addressing the integrity and confidentiality of the policy publication process. Our protocols cover both community policies and community member local policies. Our approach relies on the use of a system specifically designed for secure and selective dissemination of XML documents. We also provide a sketch of the system implementing the framework and the XML encoding of the documents to be exchanged, and show the computational results of the implemented algorithms.

Added 2008-04-28

Trust Negotiations with Customizable Anonymity

Elisa Bertino, Anna Cinzia Squicciarini, Abhilasha Barghav-Spantzel, Elena Ferrari, Indrakshi Ray

Trust negotiation makes it possible for two parties to carry on secure transactions by first establishing trust through a bilateral, iterative process of requesting and disclosing digital credentials and policies. Credentials, exchanged during trust negotiations, often contain sensitive attributes that attest to the properties of the credential owner. Uncontrolled disclosure of such sensitive attributes may cause grave damage to the credential owner. Research has shown that disclosing non-sensitive attributes only can cause identity to be revealed as well. Consequently, we impose a stronger requirement: our negotiations should have the k-anonymity property—the set of credentials submitted by a subject during a negotiation should be equal to k other such sets received by the counterpart during earlier negotiations. In this paper we propose a protocol that ensures k-anonymity. Our protocol has a number of important features. First, a credential submitter before submitting its set of credentials has the assurance that its set will be identical to k other sets already stored with the counterpart. Second, we provide a cryptographic protocol ensuring that the credentials submitted by the submitter during different negotiations cannot be linked to each other. Third, we ensure that the critical data exchanged during the protocol is valid. Fourth, the major part of the protocol involves the negotiating parties only; the protocol invokes the validator only when some critical information needs to be validated.

Added 2008-04-28