Abstract
In this paper we present a generalized authorization model for multimedia digital libraries. Our aim is to support the enforcement of access control requirements of the original data sources without the need to create a new, unified model for the digital library. We integrate the three most widely used access control models (i.e., mandatory, discretionary, and role-based) within a single framework, allowing seamless accesses to data protected by these security models. In particular, we address the access control needs of continuous media data while supporting quality of service (QoS) requirements and preserving operational semantics. The technical core of the paper focuses on the development of metadata and the corresponding metastructure to represent authorization policies and QoS requirements and shows their applicabilty to continuous media. We define our security objects based on the Synchronized Multimedia Integration Language (SMIL), which controls multimedia presentations. Following the synchronization constructs 〈par〉 and 〈seq〉 of SMIL, we define a normal form for multimedia streams, called SMIL normal form. SMIL normal form provides a syntax-independent representation of semantically equivalent multimedia data. SMIL normal form compositions are extended (decorated) with RDF statements, representing security and QoS metadata. Interpretation of these statements and, therefore, the authorization and QoS requirements of the decorated multimedia object are defined by the metastructure, represented as a DAML+OIL ontology. We propose the concept of generalized subject that encompasses all access permissions of a given user regardless of the multiple permissions in different access control models. Finally, we develop methods to generate secure views for each generalized subject and retrieve them using a secure multimedia server.
Similar content being viewed by others
References
Adam NR, Atluri V, Bertino E, Ferrari E (2002) A content-based authorization model for digital libraries. IEEE Trans Knowl Data Eng 14(2):296–315
Ankolekar A, Huch F, Sycara K (2002) Concurrent execution semantics of DAML-S with subtypes. In: Horrocks I, Hendler J (eds) The Semantic Web – ISWC 2002, 1st international Semantic Web conference, Sardinia, Italy, 9–12 June 2002. Lecture notes in computer science, vol 2342. Springer, Berlin Heidelberg New York, pp 1–318
Anyanwu K, Sheth A (2003) P-queries: enabling querying for semantic associations on the semantic web. In: Proceedings of the 12th international conference on World Wide Web. ACM Press, New York, pp 690–699
Arms W (2000) Digital libraries. MIT Press, Cambridge, MA
Ayars J (2001) Synchronized Multimedia Integration Language. W3C Recommendation. http://www.w3.org/TR/2001/REC-smil20-20010807
Beckett D, Miller E, Brickley D (2002) Expressing simple Dublin Core in RDF/XML. Dublin Core Metadata Initiative, 21 July 2002
Berners-Lee T, Hendler J, Lassila O (2001) The semantic web. Sci Am J. http://www.scientificamerican.com/article.cfm?articleID=00048144-10D2-1C70-84A9809EC588EF21
Bertino E, Ferrari E, Perego A (2002) Max: An access control system for digital libraries. In: Proceedings of the 26th international conference on computer software and applications, August 2002. IEEE Press, New York
Bertino E, Elmagarmid AK, Hacid M-S (2001) Quality of service in multimedia digital libraries. ACM SIGMOD Rec 30(1):35–40
Bertino E, Hammad M, Aref W, Elmagarmid A (2002) An access control model for video database systems. In: Conferece on information and knowledge management
Brickley D, Guha RV (2003) RDF Vocabulary Description Language 1.0:RDF Schema. W3C Working Draft, 23 January 2003. http://www.w3.org/TR/2003/WD-rdf-schema-20030123
Connoly D, Harmelen F, Horrocks I (2001) DAML+OIL reference description. W3C Note. http://www.w3.org/TR/daml+oil-reference
Damiani E, De Capitani di Vimercati S (2003) Securing xml based multimedia content. In: 18th IFIP international conference on information security
Damiani E, De Capitani di Vimercati S, Paraboschi S, Samarati P (2000) Securing XML documents. Lecture notes in computer science, vol 1777. Springer, Berlin Heidelberg New York, pp 121–122
Damiani E, De Capitani di Vimercati S, Paraboschi S, Samarati P (2002) A fine grained access control system for xml documents. ACM Trans Inf Syst Secur 5(2):169–202
Denker G (2002) Towards security in daml. Internal Report, SRI International, Menlo Park, CA
Fikes R, Hayes P, Horrocks I (2002) Designing a query language for the semantic web. The Knwoledge Systems Laboratory, Stanford University
Fikes R, Hayes P, Horrocks I (2003) DAML Query Language(DQL), April. http://www.daml.org/2003/04/dql/
Hayes P (2003) RDF semantics. W3C Working Draft, 23 January 2003 http://www.w3.org/TR/2003/WD-rdf-mt-20030123
Horrocks I (2002) Daml+oil: a reason-able web
Klyne G, Carroll J (2003) Resource Description Framework (RDF) concepts and abstract syntax. W3C Working Draft, 23 January 2003. http://www.w3.org/TR/2003/WD-rdf-concepts-20030123
Kodali N, Farkas C, Wijesekera D (2003) Enforcing integrity in multimedia surveillance. In: IFIP 11.5 working conference on integrity and internal control in information systems
Kodali N, Farkas C, Wijesekera D (2004) Metadata for multimedia access control. J Comput Syst Sci Eng 19(2):95–105
Kodali N, Farkas C, Wijesekera D (2003) Multimedia access contol using rdf metadata. In: Workshop on metadata for security (WMS’03).
Kodali N, Wijesekera D (2002) Regulating access to smil formatted pay-per-view movies. In: 2002 ACM workshop on XML security
Kopena J (2003) Daml jesskb. http://plan.mcs.drexel.edu/DAMLJessKB/
Lagoze C (1995) A secure repository design for digital libraries. D-Lib Mag. http://www.dlib.org/dlib/december95/12lagoze.html
Manola F, Miller E (2003) RDF Primer. W3C Working Draft, 23 January 2003. http://www.w3.org/TR/2003/WD-rdf-primer-20030123
Martin D (2003) DAML based Web-Service Ontology, May 2003
McCray AT, Gallagher ME (2001) Principles for digital library development. Commun ACM 44(5):48–54
Michel T (2001) The SMIL 2.0 MetaInformation Module. W3C Recommendation. http://www.w3.org/TR/2003/WD-rdf-mt-20030123
Patel-Schneider P, Siméon J (2002) The yin/yang web: Xml syntax and rdf semantics. In: Proceedings of the 11th international conference on the World Wide Web. ACM Press, New York, pp 443–453
Sandhu R, Ferraiolo D, Kuhn R (2000) The NISI model for role-based access control: towards a unified standard. In: ACM RBAC 2000, pp 47–64
Sandhu R, Samarati P (1996) Access control: principles and practices. IEEE Commun 29(2):38–47
Sheshagiri M, Kunjithapatham A (2003) A fipa compliant query mechanism using daml query language, June 2003., available online at http://www.cs.umbc.edu/∼finin//papers/dqlFIPA.html
Stoica A, Farkas C (2002) Secure xml views. In: Proc IFIP 11.3 working conference on database security
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kodali, N., Farkas, C. & Wijesekera, D. An authorization model for multimedia digital libraries. Int J Digit Libr 4, 139–155 (2004). https://doi.org/10.1007/s00799-004-0080-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00799-004-0080-1