Towards the secure modelling of OLAP users behaviour

Authors:
Carlos Blanco;Eduardo Fernández-Medina;Juan Trujillo;Jan Jurjens
Affiliations:
Dep. Of Mathematics, Statistical and Computation, Facultad de Ciencias, University of Cantabria, Santander, Spain;Dep. of Information Technologies and Systems, Escuela Superior de Informática, GSyA Research Group, University of Castilla-La Mancha, Ciudad Real, Spain;Dep. of Information Languages and Systems, Facultad de Informática, LUCENTIA Research Group, University of Alicante, Alicante, Spain;Germany TU Dortmund & Fraunhofer ISST, Germany
Venue:
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Year:
2010

Citing 13
Cited 3

Building the Data Warehouse,3rd Edition

Building the Data Warehouse,3rd Edition
SecureUML: A UML-Based Modeling Language for Model-Driven Security

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
A Pragmatic Approach to Conceptual Modeling of OLAP Security

ER '01 Proceedings of the 20th International Conference on Conceptual Modeling: Conceptual Modeling
Cost-Benefit Trade-Off Analysis Using BBN for Aspect-Oriented Risk-Driven Development

ICECCS '05 Proceedings of the 10th IEEE International Conference on Engineering of Complex Computer Systems
Access control and audit model for the multidimensional modeling of data warehouses

Decision Support Systems
Developing secure data warehouses with a UML extension

Information Systems
Integrating Security and Software Engineering: Advances and Future Vision

Integrating Security and Software Engineering: Advances and Future Vision
Extended RBAC-based design and implementation for a secure data warehouse

International Journal of Business Intelligence and Data Mining
Building a secure star schema in data warehouses by an extension of the relational package from CWM

Computer Standards & Interfaces
Editorial: Model-Driven Development for secure information systems

Information and Software Technology
An engineering process for developing Secure Data Warehouses

Information and Software Technology
A UML 2.0 profile to define security requirements for Data Warehouses

Computer Standards & Interfaces
Secure Systems Development with UML

Secure Systems Development with UML

Securing data warehouses: a semi-automatic approach for inference prevention at the design level

MEDI'11 Proceedings of the First international conference on Model and data engineering
Evaluation of approaches for designing secure data warehouse

Proceedings of the International Conference on Advances in Computing, Communications and Informatics
A proposed model for data warehouse user behaviour using intrusion detection system

ACM SIGSOFT Software Engineering Notes

Quantified Score

Hi-index	0.00

Visualization

Abstract

Information Security is a crucial aspect for organizations, and must be considered during the development of Information Systems. The data in Data Warehouses (DWs) are highly sensitive since they manage historical information which is used to make strategic decisions, and security constraints should therefore be included in DW modelling within its structural aspects. However, another dynamic security component is also related to the sequences of OLAP (On-Line Analytical Processing) operations, and could be used to access (or infer) unauthorized information. This paper complements the modelling of DWs with state models, which permit the modelling of these dynamic situations in which sensitive information could be inferred. That is, it models queries that include security issues, and controls that their evolution through the application of OLAP operations always leads to authorized states. Finally, our proposal has been applied to a healthcare case study in which a DW manages admissions information with various security constraints.