Skip to main content
SpringerLink
Log in

Security in Data Warehouses and OLAP Systems

  • Chapter
Handbook of Database Security

  • 1771 Accesses

Summary

Unlike in operational databases, aggregation and derivation play a major role in on-line analytical processing (OLAP) systems and data warehouses. Unfortunately, the process of aggregation and derivation can also pose challenging security problems. Aggregated and derived data usually look innocent to traditional security mechanisms, such as access control, and yet such data may carry enough sensitive information to cause security breaches. This chapter ?rst demonstrates the security threat from aggregated and derived data in OLAP systems and warehouses. The chapter then reviews a series of methods for removing such a threat. Two efforts in extending existing inference control methods to the special setting of OLAP systems and warehouses are discussed. Both methods are not fully satisfactory due to limitations inherited from their counter parts in statistical databases. The chapter then reviews another solution based on a novel preventing-then-removing approach, which shows a promising direction towards securing OLAP systems and data warehouses.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
eBook
USD 16.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. N.R. Adam and J.C. Wortmann. Security-control methods for statistical databases: a comparative study. ACM Computing Surveys, 21(4):515–556, 1989.

    Article  Google Scholar 

  2. R. Agrawal and R. Srikant. Privacy-preserving data mining. In Proceedings of the Nineteenth ACM SIGMOD Conference on Management of Data (SIGMOD’00), pages 439–450, 2000.

    Google Scholar 

  3. R. Agrawal, R. Srikant, and D. Thomas. Privacy-preserving olap. In Proceedings of the Twenty-fourth ACM SIGMOD Conference on Management of Data (SIGMOD’05), pages 251–262, 2005.

    Google Scholar 

  4. L.L. Beck. A security mechanism for statistical databases. ACM Trans. on Database Systems, 5(3):316–338, 1980.

    Article  MATH  MathSciNet  Google Scholar 

  5. B. Bhargava. Security in data warehousing (invited talk). In Proceedings of the 3rd Data Warehousing and Knowledge Discovery (DaWak’00), 2000.

    Google Scholar 

  6. F.Y. Chin. Security problems on inference control for sum, max, and min queries. Journal of the Association for Computing Machinery, 33(3):451–464, 1986.

    MathSciNet  Google Scholar 

  7. F.Y. Chin and G. Ozsoyoglu. Statistical database design. ACM Trans. on Database Systems, 6(1):113–139, 1981.

    Article  Google Scholar 

  8. F.Y. Chin and G. Ozsoyoglu. Auditing and inference control in statistical databases. IEEE Trans. on Software Engineering, 8(6):574–582, 1982.

    Article  MathSciNet  Google Scholar 

  9. E.F. Codd, S.B. Codd, and C.T. Salley. Providing olap to user-analysts: An IT mandate. White Paper, 1993. E.F. Codd Associates.

    Google Scholar 

  10. L.H. Cox. On properties of multi-dimensional statistical tables. Journal of Statistical Planning and Inference, 117(2):251–273, 2003.

    Article  MATH  MathSciNet  Google Scholar 

  11. D.E. Denning. Cryptography and data security. Addison-Wesley, Reading, Massachusetts, 1982.

    Google Scholar 

  12. D.E. Denning and J. Schlorer. Inference controls for statistical databases. IEEE Computer, 16(7):69–82, 1983.

    Google Scholar 

  13. D. Dobkin, A.K. Jones, and R.J. Lipton. Secure databases: protection against user influence. ACM Trans. on Database Systems, 4(1):97–106, 1979.

    Article  Google Scholar 

  14. W. Du and Z. Zhan. Building decision tree classifier on private data. In Proceedings of the 2002 IEEE International Conference on Data Mining (ICDM’02), 2002.

    Google Scholar 

  15. J. Gray, A. Bosworth, A. Bosworth, A. Layman, D. Reichart, M. Venkatrao, F. Pellow, and H. Pirahesh. Data cube: A relational aggregation operator generalizing group-by, cross-tab, and sub-totals. Data Mining and Knowledge Discovery, 1(1):29–53, 1997.

    Article  Google Scholar 

  16. P. Griffiths and B.W. Wade. An authorization mechanism for a relational database system. ACM Transactions on Database Systems, 1(3):242–255, September 1976.

    Article  Google Scholar 

  17. J. Han. OLAP mining: Integration of OLAP with data mining. In IFIP Conf. on Data Semantics, pages 1–11, 1997.

    Google Scholar 

  18. V. Harinarayan, A. Rajaraman, and J.D. Ullman. Implementing data cubes efficiently. In Proceedings of the Fifteenth ACM SIGMOD international conference on Management of data (SIGMOD’96), pages 205–227, 1996.

    Google Scholar 

  19. K. Hoffman. Linear Algebra. Prentice-Hall, Englewood Cliffs, New Jersey, 1961.

    Google Scholar 

  20. S. Jajodia, P. Samarati, M.L. Sapino, and V.S. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(4):1–57, dec 2001.

    Google Scholar 

  21. J.M. Mateo-Sanz and J. Domingo-Ferrer. A method for data-oriented multivariate microaggregation. In Proceedings of the Conference on Statistical Data Protection’98, pages 89–99, 1998.

    Google Scholar 

  22. G. Miklau and D. Suciu. A formal analysis of information disclosure in data exchange. In Proceedings of the 23th ACM SIGMOD Conference on Management of Data (SIGMOD’04), 2004.

    Google Scholar 

  23. N. Pendse. The olap report - what is olap. OLAP Report Technical Report, 2001. http:// www.olapreport.com / fasmi.htm.

    Google Scholar 

  24. P. Samarati. Protecting respondents’ identities in microdata release. IEEE Transactions on Knowledge and Data Engineering, 13(6):1 010–1027, 2001.

    Google Scholar 

  25. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-based access control models. IEEE Computer, 29(2):38–47, 1996.

    Google Scholar 

  26. J. Schlörer. Security of statistical databases: multidimensional transformation. ACM Trans. on Database Systems, 6(1):95–112, 1981.

    Article  MATH  Google Scholar 

  27. A. Shoshani. OLAP and statistical databases: Similarities and differences. In Proceedings of the Sixteenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems (PODS’97), pages 185–196, 1997.

    Google Scholar 

  28. G. Pernul T. Priebe. Towards olap security design - survey and research issues. In Proceedings of 3rd ACM International Workshop on Data Warehousing and OLAP (DOLAP’00), pages 114–121, 2000.

    Google Scholar 

  29. Pedersen T.B. and Jense C.S. Multidimensional database technology. IEEE Computer, 34(12):40–46, 2001.

    Google Scholar 

  30. J.F. Traub, Y. Yemini, and H. Woźniakowski. The statistical security of a statistical database. ACM Trans. on Database Systems, 9(4):672–679, 1984.

    Article  Google Scholar 

  31. J. Vaidya and C. Clifton. Privacy preserving association rule mining in vertically partitioned data. In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining (KDD’02), pages 639–644, 2002.

    Google Scholar 

  32. L. Wang, S. Jajodia, and D. Wijesekera. Securing OLAP data cubes against privacy breaches. In Proceedings of the 2004 IEEE Symposium on Security and Privacy (S & P’04), pages 161–175, 2004.

    Google Scholar 

  33. L. Wang, Y.J. Li, D. Wijesekera, and S. Jajodia. Precisely answering multi-dimensional range queries without privacy breaches. In Proceedings of the Eighth European Symposium on Research in Computer Security (ESORICS’03), pages 100–115, 2003.

    Google Scholar 

  34. L. Wang, D. Wijesekera, and S. Jajodia. Cardinality-based inference control in data cubes. Journal of Computer Security, 12(5):655–692, 2004.

    Google Scholar 

  35. L. Willenborg and T. de Walal. Statistical disclosure control in practice. Springer Verlag, New York, 1996.

    MATH  Google Scholar 

  36. C. Yao, X. Wang, and S. Jajodia. Checking for k-anonymity violation by views. In Proceedings of the Thirty-first Conference on Very Large Data Base (VLDB’05), 2005.

    Google Scholar 

  37. C.T. Yu and F.Y. Chin. A study on the protection of statistical data bases. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD’77), pages 169–181, 1977.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Concordia Institute for Information Systems Engineering, Concordia University, Montreal, QC H3G 1M8, Canada

    Lingyu Wang

  2. Center for Secure Information Systems George Mason University, Fairfax, VA 22030-4444, USA

    Sushil Jajodia

Authors
  1. Lingyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Computer Science, University of California at Davis, One Shields Avenue, Davis, CA 95616-8562

    Michael Gertz

  2. George Mason University Center for Secure Information Systems Research I, Suite 417, Fairfax, VA 22030-4444

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer Science+Business Media, LLC.

About this chapter

Cite this chapter

Wang, L., Jajodia, S. (2008). Security in Data Warehouses and OLAP Systems. In: Gertz, M., Jajodia, S. (eds) Handbook of Database Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-48533-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-0-387-48533-1_8

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-48532-4

  • Online ISBN: 978-0-387-48533-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation