Arne Koschel’s research while affiliated with Informa Healthcare and other places

In this paper we present an infrastructure layer, called Intermediary Security Platform (iSP), which provides multi-tier applications with a uniform abstraction of the authentication and authorization services. The abstraction is achieved via an intermediary Security Service (iS2). iS2 presents applications with a uniform interface for authentication and authorization requests. In turn, iS2 interfaces with Enterprise Security Systems (ESS) deployed at the site. iSP provides multi-tier application components authentication services, authorization services, and a single sign-on facility, all of which can bridge multiple security domains established at the site. At the same time, user management tasks are still performed by dedicated ESS. iSP architecture simplifies deployment of multi-tier applications on highly partitioned networks.

Internet-Portale sind personalisierte Einstiegsseiten im Internet, die verschiedenartigste Ziele verfolgen. Wir stellen zunächst typische Arten von Internet-Portalen kurz vor. Das derzeit aktuelle Schlagwort Portal bezeichnet personalisierbare Internet-Zugänge zu Informationsdiensten. Hierbei werden unterschiedliche Anwendungen mit diesem Schlagwort bedacht, die z.B. von Eingangspforten für das Massenpublikum über Informationskanäle für Spezialgebiete bis hin zu Business-to-Business Vertriebswegen reichen. Daraus ergeben sich charakteristische funktionale Anforderungen an solche Portale. Nicht-funktionale Anforderungen betreffen dann Qualitätseigenschaften, wie zum Beispiel Zugriffssicherheit, Netzwerksicherheit, Ausführungsgeschwindigkeit, Ergsonomie und Konformität mit Standards. Aus den funktionalen und nicht- funktionalen Anforderungen können typische Systemkomponenten von Internet- Portalen abgeleitet werden. Zwei kommerziell verfügbare Basisprodukte zur Entwicklung von Internet-Portalen werden vorgestellt und es wird skizziert, wie diese Produkte die Anforderungen erfüllen sollen. Ein Schwerpunkt dieses Kurzbeitrags ist die Präsentation eines Überblicks über verschiedene Aspekte des Entwurfs und der Implementierung von Internet-Portalen. Ein wichtiger Aspekt ist, daß der Aufbau eines Internet-Portals nicht die eigentliche Konstruktion eines (neuen) Informationssystems darstellt, sondern im wesentlichen eine Integrationsaufgabe von verschiedenartigen Informationsdiensten ist. Dabei müssen insbesondere operative Unternehmensinformationssysteme mit externen Diensten integriert werden.

Karlsruhe, Universiẗat, Diss., 1999 (Nur beschränkt für den Austausch).

The capabilities of active database systems remain meaningful for distributed applications. However, since the assumptions underlying a distributed active database system differ from those for a centralized active database system, the technical capabilities necessary for supporting active functionality must be revised and extended, and new challenges must be met. In addition, distributed active database systems and distributed rule processing offer new opportunities that make explicit use of the potential of distribution. The goal of this chapter is to provide a systematic overview of the design options for ECA functionality in distributed environments, highlighting the choices from a usage perspective.

Today's distributed enterprise information systems are often collections of existing information sources and, as such, heterogeneous. Technical integration and access to heterogeneous sources is supported by CORBA for servers combined with Web technology for clients. Additional need however, is comfortable active functionality, e.g., for active user notification about information changes relevant to their work. Active functionality known from Active DBMS-style ECA rules has proven useful for this purpose. Such active functionality, however is a gap in current CORBA functionality. To fill this gap, we contribute here the concept, design, architecture, and implementation details of C²offein, a service set contributing Active DBMS-style active functionality to CORBA-based, distributed, and heterogeneous systems. Moreover, since different enterprise distributed object applications need various kinds of active functionality, C²offein is widely configurable in its overall functionality. The great benefit of such an approach is its flexibility and “smartness” compared to monolithic approaches like those classically used, e.g., in Active DBMS. In contrast to monolithic systems, C²offein offers the possibility of only investing effort and money for that active functionality which is really necessary

New application areas or new technical innovations expect from database management systems more and more new functionality. However, adding functions to the DBMS as an integral part of them, tends to create monoliths that are difficult to design, implement, validate, maintain and adapt. Such monoliths can be avoided if one configures DBMS according to the actually needed functionality. In order to identify the basic functional components for the configuration the current monoliths should be broken up into smaller units, or in other words they could be "unbundled". In this paper we apply unbundling to active database systems. This results in a new form of active mechanisms where active functionality is no longer an integral part of the DBMS functionality. This allows the use of active capabilities with any arbitrary DBMS and in broader contexts. Furthermore, it allows the adaption of the active functionality to the application profile. Such aspects are crucial for a wide use of active functionality in real (database or not) applications.

Similar to grouping autonomous DBMSs within large-scale distributed, heterogeneous and loosely coupled networks into DBMS federations, active information sources may be grouped into active DBMS federations. The paper claims that as a prerequisite for such federations, event handling must be separated from the members of the federation and concentrated within an independent network component. Two consequences of such a decision are explored in the paper. The construction of suitable wrappers that perform the task of event detection for a large variety of active and passive information sources, and the unbundling of event processing based on ECA rules into a number of individual functions which can then be distributed across the network and configured into event handlers that pursue specific strategies.