ABSTRACT
Data Warehouse (DW) systems maintain sensitive and crucial information integrated from various heterogeneous sources of the organization, that needs to be protected from unauthorized users. This motivates researchers to consider the issue of information security during the design and development of DW systems. It has also been recognized by the researchers that the information security issue must be considered from the early stages of DW systems development life cycle. In this paper, we survey different relevant approaches for DW design considering issues of information security. Having surveyed the various approaches in the DW literature, we observed that most of the approaches consider security issue right from the conceptual model and moves towards subsequent logical and physical model. However, very little work is seen in the DW literature that considers security aspect from requirements level, which is very important to arrive at subsequent models of DW. Further, we evaluated different approaches for DW design on various security specific parameters like confidentiality, integrity, availability, access control and audit measures, inference control, traceability, interoperability, etc. The proposed evaluation will help the designers while selecting the appropriate approach for designing a secure DW. This will also motivate readers to explore the possibility of proposing new approach for DW design considering security issues into account.
- Kimball, R., Ross, M. 2002. The Data Warehouse Toolkit. Wiley & Sons.Google Scholar
- Devanbu, P., Stubblebine S. 2002 Software engineering for security: a roadmap. In: A. Finkelstein, Editor, The Future of Software Engineering, ACM Press, New York, 227239. Google ScholarDigital Library
- Dhillon, G., Backhouse, J., 2000 Information system security management in the new millennium, Commun. ACM 437 125--128. Google ScholarDigital Library
- Toval, A., Nicolás, J., Moros, B., García, F. 2002. Requirement reuse for improving information systems security: a practitioner's approach, Requirement Engineering Journal 6 (4).Google Scholar
- Ferrari, E., Thuraisingham, B. 2000 Secure database systems, in: M. Piattini, O. Díaz (Eds.), Advanced Databases: Technology Design, Artech House.Google Scholar
- Rizzi, S., Abelló, A, Lechtenbörger, J., Trujillo, J. 2006 Research in data warehouse modeling and design: dead or alive? In: DOLAP, 3--10 Google ScholarDigital Library
- Soler, E., Trujillo, J., Medina, F. 2008 Towards comprehensive requirement analysis for DW: Considering security requirement Published in IEEE Conference in.Google Scholar
- Ponniah, P. 2006: Data Warehousing Fundamentals. Wiley & Sons. Google ScholarDigital Library
- Soler, E., Trujillo, J., Fernández-Medina, E., Piattini, M. 2008. "Building a secure star schema in data warehouses by an extension of the Relational Package from CWM", Computer Standards & Interfaces, 30, 6, 341--350. Google ScholarDigital Library
- Sapia, C., Blaschka, M., Hofling, G., Dinter, B., 1998. Extending the E/R model for the multidimensional paradigm. In Proc. ER Workshop on Data Warehousing and Data Mining, pages 105--116. Google ScholarDigital Library
- Tryfona, N., Busborg, F., Christiansen, J., 1999. starER: a conceptual model for data warehouse design, ACM 2nd International Workshop on Data Warehousing and OLAP (DOLAP'99), ACM, Missouri, USA. Google ScholarDigital Library
- Luján-Mora, S., Trujillo, J. Song, I., 2006. A UML profile for multidimensional modeling in data warehouses. In Data & Knowledge Engineering. Google ScholarDigital Library
- Abelló, A., Samos, J., Saltor, F., 2006 YAM2: a multidimensional conceptual model extending UML. Information Systems, 31(6):541--567. Google ScholarDigital Library
- Golfarelli, M., Maio, D., Rizzi, S., 1998. The Dimensional Fact Model: A conceptual model for data warehouses. International Journal of Cooperative Inf. System., 7(2--3):215--247.Google Scholar
- Marks, D., Sell, P., Thuraisingham, B., 1996. MOMT: a multi-level object modeling technique for designing secure database applications, Journal of Object-Oriented Programming 9 (4).Google Scholar
- Husemann, B., Lechtenborger, J., Vossen, G., 2000. Conceptual data warehouse design, Proceedings of the 2nd. International Workshop on Design and Management of Data Warehouses, Technical University of Aachen (RWTH), (Stockholm, Sweden).Google Scholar
- Smith, G. W., 1991. Modeling security-relevant data semantics, IEEE Transactions on Software Engineering 17 (11). Google ScholarDigital Library
- Jajodia, S., Wijesekera D., 2004. Securing OLAP data cubes against privacy breaches. In Proc. IEEE Symp. on Security and Privacy, pages 161--178.Google Scholar
- Kirkgöze, R., Katic, N., Stolda, M., Tjoa, A. M,. 1997. A security concept for OLAP. In Proc. DEXA, pages 619--626.Google ScholarCross Ref
- Fernandez-Medina, E., Trujillo, J., Villaroel, P., Piattini, M. 2006. Extending UML for designing secure data warehouses. In Decision Support Systems.Google Scholar
- Priebe, T., Pernul, G., 2000. A pragmatic approach to conceptual modeling of OLAP security. In Proc. ER, pages 311--324. Google ScholarDigital Library
- Fernandez-Medina, E., et al., 2006. Access Control and Audit Model for the Multidimensional Modeling of Data Decision Support Systems, 42: p. 1270--1289. Google ScholarDigital Library
- Fernandez-Medina, E., Trujillo, J., Villarroel, R., 2006. "Developing a secure data warehouses with a UML extension" Science Direct 0306--4376.Google Scholar
- Soler, E., Villarroel, R., Trujillo, J., 2006. "Representing security and audit rules in Data warehouse at the logical levels by using the common warehouse met model" Proceedings of the First International Conference on Availability, Reliability and Security (ARES'O6)0-7695-2567-9106 IEEE. Google ScholarDigital Library
- Miller, J., Mukerji, J., 2003. "MDA guide version 1.0.1,.Google Scholar
- OMG, MOF QVT. 2005 final adopted specification.Google Scholar
- Giorgini, P., Mouratidis, H., Zannone, Z.: 2006. Modelling Security and Trust with Secure Tropos, Integrating Security and Software Engineering: Advances and Future Visions, Idea Group Publishing.Google Scholar
- Soler, E., Trujillo, J., Fernández-Medina, E., Piattini, M. 2007. A set of QVT relations to transform PIM to PSM in the Design of Secure Data warehouses", Second international Conference on Availability, Reliability and Security (ARES'07), Vienna, Austria, 644--654. Google ScholarDigital Library
- Soler, E., Trujillo, J., Fernández-Medina, E., Piattini, M. 2007a "Application of QVT for the Development of Secure Data Warehouses: A case study", Second International Conference on Availability, Reliability and Security (ARES'07), Vienna, Austria, 829--836. Google ScholarDigital Library
- Soler, E., Trujillo, J., Fernández-Medina, E., Piattini, M. 2007b. "Framework for the Development of Secure Data Warehouses based on MDA and QVT", Second International Conference on Availability, Reliability and Security (ARES'07), Vienna, Austria, 294--300. Google ScholarDigital Library
- Blanco, C., et al., 2008. Applying QVT in order to implement Secure Data Warehouses in SQL Server Analysis Services. Journal of Research and Practice in Information Technology,.Google Scholar
- Blanco, C., Guzman, I. G. R., Medina, E. F., Trujillo, J. and Piattini, M. 2008. Automatic generation of secure Multidimensional Code for Data Warehouses: An MDA Approach, In OTM 2008, Part II, LNCS 5332, 1052--1068. Google ScholarDigital Library
- Fernández-Medina, E. et. al., 2009. Designing secure Data warehouses by using MDA and QVT. Journal of Universal Computer science, vol 15, no 8, 1607--1641.Google Scholar
- Juan Trujillo et al., 2009. Applying an MDA based approach to consider security rules in the development of secure DW's, International conference on Availability, Reliability and Security.Google Scholar
- Rosenthal, A., Sciore, E. 2000. View security as the basic for data warehouse security, In Proceedings of 2nd International Workshop on Design and Management of Data Warehouse, 28, Sweden, pp. 8.1--8.8.Google Scholar
- Katic, N., Quirchmayr, G., Schiefer, J., Stolba, M., Tjoa, A. M. 1998. "A Prototype Model for DWSecurity Based on Metadata", Proc. 9th Int. Workshop on DB and Expert Systems Applications, Vienna, Austria, 300--308. Google ScholarDigital Library
- Carlos et. al.. 2010. Towards the secure modeling of OLAP user's behaviour, springer-verlag Berlin Heidelberg SDM 2010, LNCS 6538, pp 101--112. Google ScholarDigital Library
Index Terms
- Evaluation of approaches for designing secure data warehouse
Recommendations
Alliance Rules for Data Warehouse Cleansing
ICSPS '09: Proceedings of the 2009 International Conference on Signal Processing SystemsData Cleansing is an activity performed on the data sets of data warehouse to enhance and maintain the quality and consistency of the data. This paper addresses the problems related with dirty data, entrance of dirty data and detection of dirty data in ...
Data warehouse enhancement: A semantic cube model approach
Many data warehouse systems have been developed recently, yet data warehouse practice is not sufficiently sophisticated for practical usage. Most data warehouse systems have some limitations in terms of flexibility, efficiency, and scalability. In ...
Design of ETL Tool for Structured Data Based on Data Warehouse
CSAE '20: Proceedings of the 4th International Conference on Computer Science and Application EngineeringThis paper takes the current business system of a mobile communication-equipment-chain sales-service-company as an example, and analyzes the problem that the data from multiple data sources cannot directly be loaded into the data warehouse by the ...
Comments