Security is a critical concern for mediator-based data integration among heterogeneous data sources Due to the interconnected and collaborative computing environment, most mediation systems demand flexible and fine-grained authorization capability There are three major security challenges faced by mediation systems: context-awareness, semantic heterogeneity, and multiple security policy specification Currently no existing approach addresses all three security challenges in mediation systems This paper provides a modeling and architectural solution to the problem of mediation security that addresses the aforementioned security challenges This paper presents a generic, extensible modeling method for the security policies in mediation systems A series of authorization constraints are identified based on the relationship on the different security components in the mediation systems Moreover, we enforce the flexible access control to mediation systems while providing uniform access for heterogeneous data sources.
