Popis: |
Security is an important issue in digital library design. Security weaknesses in digital libraries, coupled with attacks or other types of failures, can lead to confidential information being inappropriately accessed, or loss of integrity of the data stored. These in turn can have a damaging effect on the trust of publishers or other content providers, can cause embarrassment or even economic loss to digital library owners, and can even lead to pain and suffering or other serious problems if urgently needed information is unavailable (Tyrvainen, 2005). There are many security requirements to consider because of the variety of different actors working with a digital library. Each of these actors has different security needs (Chowdhury & Chowdhury, 2003). Thus, a digital library content provider might be concerned with protecting intellectual property rights and the terms of use of content, while a digital library user might be concerned with reliable access to content stored in the digital library. Requirements based on these needs sometimes are in conflict, which can make the security architecture of a digital library even more complex. The design of the security architecture of a digital library must go beyond simply adding one or a few modules to a previously designed system. This is because there may be security holes in pre-existing modules, and because difficulties can arise when attempting to integrate the modules. The security architecture of a digital library must be designed so that security concerns are handled holistically. A security system designer must view the whole architecture and consider all of the applicable security factors when designing a secure digital library. The nature of a security attack may differ according to the architecture of the digital library; a distributed digital library has more security weaknesses than a centralized digital library. Security attacks can be categorized as physical attacks and logical attacks (Stallings, 2006). A physical attack involves hardware security where keys, locks, cards, and visitor monitoring is used. A logical attack involves an attack on the content or digital library system. We focus on the logical attacks and software security of digital libraries. |