This document discusses security issues in federated database systems. It begins with an introduction to federated databases and their key characteristics of distribution, heterogeneity, and autonomy. It then discusses how the autonomy of component database systems can pose security challenges for confidentiality, integrity, and availability. The document proposes some approaches for deriving global authorization policies from the local policies of the individual component systems through techniques like subject clustering and abstraction rules for operations and objects.