A UML 2.0 profile to define security requirements for Data Warehouses

Authors:
Juan Trujillo;Emilio Soler;Eduardo Fernández-Medina;Mario Piattini
Affiliations:
LUCENTIA Research Group, Department of Language and Information Systems, University of Alicante, Apto correos 99, E-03080, Alicante, Spain;Department of Computer Science, University of Matanzas, Autopista de Varadero km 3, Matanzas, Cuba;ALARCOS Research Group, Information Systems and Technologies Department, UCLM Research and Development Institute, University of Castilla-La Mancha, Paseo de la Universidad 4, 13071 Ciudad Real, Sp ...;ALARCOS Research Group, Information Systems and Technologies Department, UCLM Research and Development Institute, University of Castilla-La Mancha, Paseo de la Universidad 4, 13071 Ciudad Real, Sp ...
Venue:
Computer Standards & Interfaces
Year:
2009

Citing 23
Cited 5

Building Web applications with UML

Building Web applications with UML
Software engineering for security: a roadmap

Proceedings of the Conference on The Future of Software Engineering
Towards OLAP security design — survey and research issues

Proceedings of the 3rd ACM international workshop on Data warehousing and OLAP
Scenarios in System Development: Current Practice

IEEE Software
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Polyinstantation for Cover Stories

ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
A Pragmatic Approach to Conceptual Modeling of OLAP Security

ER '01 Proceedings of the 20th International Conference on Conceptual Modeling: Conceptual Modeling
A Prototype Model for Data Warehouse Security Based on Metadata

DEXA '98 Proceedings of the 9th International Workshop on Database and Expert Systems Applications
Goal-Based Requirements Analysis

ICRE '96 Proceedings of the 2nd International Conference on Requirements Engineering (ICRE '96)
Role-Based Access Control

Role-Based Access Control
Modelling strategic relationships for process reengineering

Modelling strategic relationships for process reengineering
Security and Privacy Requirements Analysis within a Social Setting

RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Modeling Security Requirements Through Ownership, Permission and Delegation

RE '05 Proceedings of the 13th IEEE International Conference on Requirements Engineering
Research in data warehouse modeling and design: dead or alive?

DOLAP '06 Proceedings of the 9th ACM international workshop on Data warehousing and OLAP
A UML profile for multidimensional modeling in data warehouses

Data & Knowledge Engineering - Special issue: ER 2003
Access control and audit model for the multidimensional modeling of data warehouses

Decision Support Systems
Developing secure data warehouses with a UML extension

Information Systems
Application of QVT for the Development of Secure Data Warehouses: A case study

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
A set of QVT relations to transform PIM to PSM in the Design of Secure Data Warehouses

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
An MDA approach for the development of data warehouses

Decision Support Systems
Building a secure star schema in data warehouses by an extension of the relational package from CWM

Computer Standards & Interfaces
Integrating security and systems engineering: towards the modelling of secure information systems

CAiSE'03 Proceedings of the 15th international conference on Advanced information systems engineering
A model-driven goal-oriented requirement engineering approach for data warehouses

ER'07 Proceedings of the 2007 conference on Advances in conceptual modeling: foundations and applications

Towards a Modernization Process for Secure Data Warehouses

DaWaK '09 Proceedings of the 11th International Conference on Data Warehousing and Knowledge Discovery
Defining and transforming security rules in an MDA approach for DWs

International Journal of Business Intelligence and Data Mining
Towards the secure modelling of OLAP users behaviour

SDM'10 Proceedings of the 7th VLDB conference on Secure data management
A practical application of our MDD approach for modeling secure XML data warehouses

Decision Support Systems
Not Ready for Prime Time: A Survey on Security in Model Driven Development

International Journal of Secure Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Many Data Warehouses (DWs) fail to provide the appropriate information because the users' requirements are not correctly modeled. In addition, the security requirements are considered in the final implementation, and do not take the users' necessities into consideration. However, as DWs store confidential and sensitive information, it is crucial to take security measures into account from early DW design phases, and to enforce them. This paper proposes a profile which uses the Unified Modeling Language (UML) extensibility mechanisms. This profile allows us to define security requirements for DWs at the business level, taking into account the information requirements modeled with a previous profile. Our proposal is aligned with Model Driven Architecture (MDA), thus permitting the transformation of security requirements throughout the entire DW life cycle. Finally, in order to show the benefits of our profile, we develop a case study related to the management of a pharmacy consortium business.