Skip to main content
Springer Nature Link
Log in

Towards the Secure Modelling of OLAP Users’ Behaviour

  • Conference paper
Secure Data Management (SDM 2010)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 6358))

Included in the following conference series:

Abstract

Information Security is a crucial aspect for organizations, and must be considered during the development of Information Systems. The data in Data Warehouses (DWs) are highly sensitive since they manage historical information which is used to make strategic decisions, and security constraints should therefore be included in DW modelling within its structural aspects. However, another dynamic security component is also related to the sequences of OLAP (On-Line Analytical Processing) operations, and could be used to access (or infer) unauthorized information. This paper complements the modelling of DWs with state models, which permit the modelling of these dynamic situations in which sensitive information could be inferred. That is, it models queries that include security issues, and controls that their evolution through the application of OLAP operations always leads to authorized states. Finally, our proposal has been applied to a healthcare case study in which a DW manages admissions information with various security constraints.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Inmon, H.: Building the Data Warehouse, 3rd edn. John Wiley & Sons, USA (2002)

    Google Scholar 

  2. Kimball, R.: The Data Warehouse Toolkit. John Wiley & Sons, Chichester (2002)

    Google Scholar 

  3. Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, p. 426. Springer, Heidelberg (2002)

    Google Scholar 

  4. Mouratidis, H., Giorgini, P.: Integrating Security and Software Engineering: Advances and Future Vision. Idea Group Publishing, USA (2006)

    Google Scholar 

  5. Fernández-Medina, E., et al.: Model-Driven Development for secure information systems. Information and Software Technology 51(5), 809–814 (2009)

    Article  Google Scholar 

  6. Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)

    MATH  Google Scholar 

  7. Jurjens, J.: Principles for Secure Systems Design, PhD Thesis, Oxford University (2002)

    Google Scholar 

  8. Houmb, S.H., et al.: Cost-Benefit Trade-Off Analysis using BBN for Aspect-Oriented Risk-Driven Development. In: International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 195–204. IEEE Computer Society, Shanghai (2005)

    Chapter  Google Scholar 

  9. Thuraisingham, B., Kantarcioglu, M., Iyer, S.: Extended RBAC-based design and implementation for a secure data warehouse. International Journal of Business Intelligence and Data Mining (IJBIDM) 2(4), 367–382 (2007)

    Article  Google Scholar 

  10. Priebe, T., Pernul, G.: A Pragmatic Approach to Conceptual Modeling of OLAP Security. In: Kunii, H.S., Jajodia, S., Sølvberg, A. (eds.) ER 2001. LNCS, vol. 2224, p. 311. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  11. Fernández-Medina, E., Trujillo, J., Piattini, M.: Model Driven Multidimensional Modeling of Secure Data Warehouses. European Journal of Information Systems 16, 374–389 (2007)

    Article  Google Scholar 

  12. Saltor, F., et al.: Building Secure Data Warehouse Schemas from Federated Information Systems. In: Bestougeff, H., Dubois, J.E., Thuraisingham, B. (eds.) Heterogeneous Inf. Exchange and Organizational Hubs, pp. 123–134. Kluwer Academic Publisher, Dordrecht (2002)

    Google Scholar 

  13. Trujillo, J., et al.: A UML 2.0 Profile to define Security Requirements for DataWarehouses. Computer Standard and Interfaces 31(5), 969–983 (2009)

    Article  MathSciNet  Google Scholar 

  14. Trujillo, J., et al.: An Engineering Process for Developing Secure Data Warehouses. Information and Software Technology 51(6) (2009)

    Google Scholar 

  15. Fernández-Medina, E., et al.: Access Control and Audit Model for the Multidimensional Modeling of Data Warehouses. Decision Support Systems 42, 1270–1289 (2006)

    Article  Google Scholar 

  16. Soler, E., et al.: Building a secure star schema in data warehouses by an extension of the relational package from CWM. Computer Standard and Interfaces 30(6), 341–350 (2008)

    Article  Google Scholar 

  17. Blanco, C., et al.: Applying QVT in order to implement Secure Data Warehouses in SQL Server Analysis Services. Journal of Research and Practice in Information Technology 41(2), 135–154 (2009)

    MathSciNet  Google Scholar 

  18. Fernández-Medina, E., et al.: Developing Secure Data Warehouses with a UML extension. Information Systems 32(6), 826–856 (2007)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dep. Of Mathematics, Statistical and Computation. Facultad de Ciencias, University of Cantabria, Av. De los Castros s/n., 39071, Santander, Spain

    Carlos Blanco

  2. Dep. of Information Technologies and Systems. Escuela Superior de Informática., GSyA Research Group., University of Castilla-La Mancha., Paseo de la Universidad, 4., 13071, Ciudad Real, Spain

    Eduardo Fernández-Medina

  3. Dep. of Information Languages and Systems. Facultad de Informática., LUCENTIA Research Group., University of Alicante, San Vicente s/n., 03690, Alicante, Spain

    Juan Trujillo

  4. Germany TU Dortmund & Fraunhofer ISST., Germany

    Jan Jurjens

Authors
  1. Carlos Blanco
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eduardo Fernández-Medina
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Juan Trujillo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jan Jurjens
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Philips Research Europe, High Tech Campus 34, 5656 AE, Eindhoven, The Netherlands

    Willem Jonker  & Milan Petković  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blanco, C., Fernández-Medina, E., Trujillo, J., Jurjens, J. (2010). Towards the Secure Modelling of OLAP Users’ Behaviour. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2010. Lecture Notes in Computer Science, vol 6358. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15546-8_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-15546-8_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15545-1

  • Online ISBN: 978-3-642-15546-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics