Policy enforcement in digital libraries must be scalable, flexible, and extensible – accommodating a wide range of digital objects and usage scenarios. This stands in contrast to traditional access control models, which are limited to a relatively fixed set of operating system abstractions (e.g., files) and computing actions (e.g., read, write). We are investigating the use of new, language-based security techniques to provide a richer and more extensible form of policy enforcement for complex digital objects in distributed digital libraries.
The shortcomings of traditional access control schemes are particularly acute in digital libraries, where heterogeneous digital objects are characterized by fine-grained behavioral interfaces and highly contextualized access restrictions. Typically, these objects contain mixed digital content (e.g., text, images, audio) that is aggregated from distributed sources. Digital objects may be highly interactive (e.g., a distance learning module), and they may expose multiple interfaces to meet the needs of different user groups. Increasingly, digital objects may have membership in more than one collection as institutions form federations of cooperating digital libraries. This has provoked new security challenges, such as the need for interoperable and extensible policy enforcement mechanisms for distributed repositories. Centralized system-level enforcement mechanisms that simply allow or disallow access to particular objects are inadequate to meet the requirements of this environment. Instead, we are investigating new models and techniques to meet the following requirements:
- Flexible policy specification: Digital library managers require the ability to define policies that are either general-purpose or specific to the fine-grained behaviors of any particular digital object or group of objects.
- Extensible policy enforcement mechanism: When digital objects change and evolve over time, there must be a way to adapt policies accordingly. Extensible objects and applications need mechanisms that can enforce policies on object behaviors and system executions that cannot be anticipated ahead of time.
- Modularity of policy: Considering the set of all possible policies that may exist in large repositories of heterogeneous digital objects, a modular policy space will provide for better management of access control. Groups of general and customized policies can be designed to fit particular object types, and these can be mixed and matched depending on the needs of the repository managers and rights owners.
- Mobility: Policies must be enforced on any code that is obtained from the network. Furthermore, policies and enforcement mechanisms must permit digital objects to move among repositories and to mobile devices.
- Secure policy enforcement mechanism: Policy enforcement mechanisms must be based on well-grounded security techniques.