Abstract
Data Warehouses (DW), Multidimensional (MD) databases, and On-Line Analytical Processing (OLAP) applications provide companies with many years of historical information for the decision-making process. Owing to the relevant information managed by these systems, they should provide strong security and confidentiality measures from the early stages of a DW project in the MD modeling and enforce them. In the last years, there have been some proposals to accomplish the MD modeling at the conceptual level. Nevertheless, none of them considers security measures as an important element in their models, and therefore, they do not allow us to specify confidentiality constraints to be enforced by the applications that will use these MD models. In this paper, we present an Access Control and Audit (ACA) model for the conceptual MD modeling. Then, we extend the Unified Modeling Language (UML) with this ACA model, representing the security information (gathered in the ACA model) in the conceptual MD modeling, thereby allowing us to obtain secure MD models. Moreover, we use the OSCL (Object Security Constraint Language) to specify our ACA model constraints, avoiding in this way an arbitrary use of them. Furthermore, we align our approach with the Model-Driven Architecture, the Model-Driven Security and the Model-Driven Data Warehouse, offering a proposal highly compatible with the more recent technologies.
Similar content being viewed by others
Notes
It is out of the scope of this paper to provide further detail on all these transformations.
See Abelló et al. (2001) for a summary of the most relevant logical models proposed for MD modeling.
A descriptor attribute will be used as the default label in the data analysis in OLAP tools.
In this paper we will indistinctly refer to subject and user.
In this paper we will indistinctly refer to subject and user
A profile is a set of improvements that extend an existing UML type of diagram for a different use. These improvements are specified by means of the extendibility mechanisms provided by UML (stereotypes, properties and restrictions) in order to be able to adapt it to a new method or model.
All the metaclasses come from the Core Package, a subpackage of the Foundation Package. We based our extension on the UML 1.5 as this is the current accepted standard. To the best of our knowledge, the current UML 2.0 is not the final accepted standard yet.
As can be seen in Figure 6, Level is a new data type inherited from the UML enumeration data type.
References
Abelló A, Samos J and Saltor F (2001) A framework for the classification and description of multidimensional data models. 12th International Conference on Database and Expert Systems Applications (DEXA'01) Lecture Notes in Computer Science, Vol. 2113, pp 668–677 Springer, Berlin.
Abelló A, Samos J and Saltor F (2002) YAM2 (Yet Another Multidimensional Model): an extension of UML. In International Database Engineering & Applications Symposium (IDEAS 2002) (NASCIMENTO MA, TAMER ÖZSU M and ZAÏANE OR, Eds), pp 172–181, IEEE Computer Society Edmonton, Canada.
Basin DA, Doser J and Lodderstedt T (2006) Model driven security: from UML models to access control infrastructures. ACM Transactions on Software Engineering and Methodology 15 (1), 39–91.
Bertino E, Jajodia S and Samarati P (1999) A flexible authorization mechanism for relational data management systems. ACM Transactions on Information Systems 17, 101–140.
Blaschka M, Sapia C, Höfling G and Dinter B (1998) Finding your way through multidimensional data models. In Proceedings of the Ninth International Conference on Database and Expert Systems Applications (DEXA'98) Lecture Notes in Computer Science, Vol. 1460, pp 198–203, Springer-Verlag, Vienna, Austria.
Bonatti P, Damiani E, De Capitani Di Vimercati S and Samarati P (2001) An access control model for data archives. In Proceedings of the IFIP-TC11 International Conference on Information Security, Paris, France.
Conallen J (2000) Building Web Applications with UML. Object Technology Series. Addison-Wesley, Reading MA.
Cota S (2004) For certain eyes only. DB2 Magazine 9 (1), 40–45.
Damiani E, De Capitani Di Vimercati S, Fernandez-Medina E and Samarati P (2002a) An access control system for SVG documents. In Research Directions in Data and Applications Security (GUDES E and SHENOI S, Eds), pp 219–230, Kluwer Academic Publisher, Boston.
Damiani E, De Capitani Di Vimercati S, Paraboschi S and Samarati P (2002b) A fined-grained access control system for XML documents. ACM Transactions on Information and Systems Security 5, 169–202.
Devanbu P and Stubblebine S (2000) Software engineering for security: a roadmap. In The Future of Software Engineering (FINKELSTEIN A, Ed), pp 227–239, ACM Press, New York.
Dhillon G and Backhouse J (2000) Information system security management in the new millennium. Communications of the ACM 43 (7), 125–128.
Directive 95/46/CE of the European Parliament and Council, dated 24 October, about People protection regarding the personal data management and the free circulation of these data. DOCE no. L281, 23/11/1995, P.0031-0050, 1995.
Fernandez EB and Pan RY (2001) A pattern language for security models. In Proceedings of the 8th Conference on Patterns Languages of Programs (PLOP 2001), Illinois, USA.
Fernández-Medina E and Piattini M (2003) Designing secure database for OLS. In Database and Expert Systems Applications: 14th International Conference (DEXA 2003) Lecture Notes in Computer Science, Vol. 2736, Prague, Czech Republic (MARIK V, RETSCHITZEGGER W and STEPANKOVA O, Eds), pp 886–895, Springer, Berlin.
Fernández-Medina E and Piattini M (2004) Extending OCL for secure database design. In Proceedings of the International Conference on the Unified Modeling Language (UML 2004), Lecture Notes in Computer Science, Lisbon, Portugal Springer-Verlag, Berlin.
Fernández-Medina E, Trujillo J, Villarroel R and Piattini M (2004) Extending the UML for designing secure data warehouses. In Proceedings of the International Conference on Conceptual Modeling (ER 2004). Springer-Verlag, Shangai, China.
Ferrari E and Thuraisingham B (2000) Secure database systems. In Advanced Databases: Technology Design (PIATTINI M and DÍA O, Eds) Artech House, London.
France R and Bieman J (2001) Multi-view software evolution: a UML-based framework for evolving object-oriented software. In Proceedings of the International Conference on Software Maintenance, Florence, Italy, pp 386–397.
Frankel DS (2003) Model Driven Architecture. Applying MDA to Enterprise Computing. Indiana Wiley, Indianapolis.
Gogolla M and Henderson-Sellers B (2002) Analysis of UML Stereotypes within the UML metamodel. In Proceedings of the 5th International Conference on the Unified Modeling Language – The Language and its Applications. Lecture Notes in Computer Science, Vol. 2460, Dresden, Germany, pp 84–99, Springer, Berlin.
Golfarelli M, Maio D and Rizzi S (1998) The dimensional fact model: a conceptual model for data warehouses. International Journal of Cooperative Information Systems 7 (2–3), 215–247.
Golfarelli M and Rizzi S (1998) A methodological framework for data warehouse design. In Proceedings of the 1st International Workshop on Data Warehousing and OLAP (DOLAP'98), Maryland, USA, pp 3–9.
Hall A and Chapman R (2002) Correctness by construction: developing a commercial secure system. IEEE Software 19 (1), 18–25.
Husemann B, Lechtenborger J and Vossen G (2000) Conceptual data warehouse design. In Proceedings of the 2nd. International Workshop on Design and Management of Data Warehouses (DMDW'2000). Technical University of Aachen (RWTH). Stockholm, Sweden, pp 3–9.
Inmon H (2002) Building the Data Warehouse, 3rd edn, John Wiley & Sons, USA.
Jajodia S, Samarati P, Sapino ML and Subrahmanian VS (2001) Flexible support for multiple access control policies. ACM Transactions on Database Systems 26, 214–260.
Jürjens J (2002) UMLsec: extending UML for secure systems development. In UML 2002 – The Unified Modeling Language, Model Engineering, Concepts and Tools. Lecture Notes in Computer Science, Vol. 2460. Dresden, Germany (JÉZÉQUELUSSMANN H and COOKS, Eds), pp 412–425, Springer, Berlin.
Katic N, Quirchmayr G, Schiefer J, Stolba M and Min Tjoa A (1998) A prototype model for data warehouse security based on metadata. In Proceedings of the 9th International Workshop on Database and Expert Systems Applications (DEXA'98), pp 300–308, IEEE Computer Society, Vienna, Austria.
Kimball R (1996) The Data Warehousing Toolkit, John Wiley, New York, USA.
Kimball R and Ross M (2002) The Data Warehousing Toolkit, John Wiley, New York, USA.
Kirkgöze R, Katic N, Stolda M and Min Tjoa A (1997) A security concept for OLAP. In Proceedings of the 8th International Workshop on Database and Expert System Applications (DEXA'97), pp 619–626, IEEE Computer Society, Toulouse, France.
Kleppe A, Warmer J and Bast W (2003) MDA Explained; The Model Driven Architecture: Practice and Promise. Addison-Wesley, Reading, MA.
Levinger J (2002) Oracle label security. Administrator's guide. Release 2 (9.2). http://www.csis.gvsu.edu/GeneralInfo/Oracle/network.920/a96578.pdf.
Lodderstedt T, Basin D and Doser J (2002) SecureUML: a UML-based modeling language for model-driven security. In Proceedings of the UML 2002. The Unified Modeling Language. Model Engineering, Languages Concepts, and Tools. 5th International Conference, pp 426–441, Springer, Dresden, Germany.
Luján-Mora S, Trujillo J and Song IY (2006) A UML profile for multidimensional modeling in data warehouses. Data & Knowledge Engineering 59 (3), 725–769.
Marks D, Sell P and Thuraisingham B (1996) MOMT: a multi-level object modeling technique for designing secure database applications. Journal of Object-Oriented Programming 9 (4), 22–29.
Mazón JN, Trujillo J and Lechtenbörguer J (2007) An MDA approach for the development of data warehouses. Decision Support Systems, Accepted for publication. Available online. doi:10.1016/j.dss.2006.12.003.
Medina E and Trujillo J (2002a) Representing conceptual multidimensional properties using the common warehouse metamodel (CWM). In Proceedings of the Advances in Web-Age Information Management, 3rd International Conference, WAIM 2002. Lecture Notes in Computer Science, Vol. 2419, Beijing, China, pp 259–270, Springer, Berlin.
Medina E and Trujillo J (2002b) A standard for representing multidimensional properties: the common warehouse metamodel (CWM). In Proceedings of the Advances in Databases and Information Systems, 6th East European Conference, (ADBIS 2002). Lecture Notes in Computer Science, Vol. 2435, Bratislava, Slovakia, pp 232–247, Springer, Berlin.
OMG (2004a) Object Management Group. Common Warehouse Metamodel Specification, V1.1.
OMG (2004b) Object Management Group. Model Driven Architecture (MDA).
OMG (2004c) Object Management Group: Unified Modeling Language Specification 1.5.
Piattini M and Fernández-Medina E (2001) Specification of security constraint in UML. In Proceedings of the 35th Annual 2001 IEEE International Carnahan Conference on Security Technology (ICCST 2001), pp 163–171, London, Great Britain.
Poole J (2003) Model-Driven Data Warehousing. Burlingame, CA.
Poole J, Chang D, Tolbert D and Mellor D (2002) Common Warehouse Metamodel: An Introduction to the Standard for Data Warehouse Integration. John Wiley, New York, USA.
Priebe T and Pernul G (2000) Towards OLAP security design – survey and research issues. In Proceedings of the 3rd ACM International Workshop on Data Warehousing and OLAP (DOLAP'00), pp 33–40, Washington DC, USA.
Rabitti F, Bertino E, Kim W and Woelk D (1991) A model of authorization for next-generation database systems. ACM Transactions on Database Systems 16 (1), 88–131.
Rosenthal A and Sciore E (2000) View security as the basic for data warehouse security. In Proceedings of the 2nd International Workshop on Design and Management of Data Warehouse (DMDW'00), pp 8.1–8.8, Sweden.
Samarati P and De Capitani Di Vimercati S (2000) Access control: policies, models, and mechanisms. In Foundations of Security Analysis and Design (FOCARDI R and GORRIERI R, Eds), pp 137–196, Springer Bertinoro, Italy.
Sandhu R, Coyne E, Feinstein H and Youman C (1996) Role-based access control models. IEEE Computer 29 (2), 38–47.
Sandhu R and Chen F (1998) The multilevel relational data model. ACM Transactions on Information and Systems Security (TISSEC) 1 (1), 93–132.
Sandhu R, Ferraiolo D and Kuhn R (2000) The NIST model for role-based access control: towards a unified standard. In Proceedings of the Fifth ACM Workshop on Role-Based Access Control, pp 47–63, Berlin, Germany.
Sandhu R and Samarati L (1997) Authentication, access control, and intrusion detection. In CRC Handbook of Computer Science and Engineering (TUCKER A, Ed) CRC Press Inc, Boca Raton, FL.
Sapia C (1999) On modeling and predicting query behavior in OLAP systems. In Proceedings of the International Workshop on Design and Management of Data Warehouses (DMDW'99), pp 1–10, Heidelberg, Germany.
Sapia C, Blaschka M, Höfling G and Dinter B (1998) Extending the E/R model for the multidimensional paradigm. In Proceedings of the 1st International Workshop on Data Warehouse and Data Mining (DWDM'98), pp 105–116, Springer-Verlag, Singapore.
Smith GW (1991) Modeling security-relevant data semantics. IEEE Transactions on Software Engineering 17 (11), 1195–1203.
Soler E, Trujillo J, Fernandez-Medina E and Piattini M (2007a) SECRDW: an extension of the relational package from CWM for representing secure data warehouses at the logical level. In Proceedings of the Fifth International Workshop on Security in Information Systems (WOSIS 2007), pp 245–256, Accepted, Insticc Press, Funchal, Madeira, Portugal.
Soler E, Trujillo J, Fernandez-Medina E and Piattini M (2007b) A set of QVT relations to transform PIM to PSM in the design of secure data warehouses. In Proceedings of the IEEE Second International Symposium on Frontiers in Availability, Reliability and Security (FARES 2007), pp 644–654, Vienna, Austria.
Thomsen E (1997) OLAP Solutions. John Wiley & Sons, Inc., New York, USA.
Toval A, Nicolás J, Moros B and García F (2002) Requirement reuse for improving information systems security: a practitioner's approach. Requirement Engineering Journal 6 (4), 205–219.
Trujillo J, Palomar M, Gómez J and Song IY (2001) Designing data warehouses with OO conceptual models. IEEE Computer, special issue on Data Warehouses 12(34), 66–75.
Tryfona N, Busborg F and Christiansen J (1999) starER: a conceptual model for data warehouse design. In Proceedings of the ACM 2nd International Workshop on Data Warehousing and OLAP (DOLAP'99), pp 3–8, ACM, Missouri, USA.
Wang L, Jajodia S and Wijesekera D (2004) Securing OLAP data cubes against privacy breaches. In Proceedings of the IEEE Symposium on Security and Privacy, pp 161–178, Berkeley, California.
Warmer J and Kleppe A (2003) The Object Constraint Language Second Edition. Getting Your Models Ready for MDA. Addison Wesley, Reading, MA.
Weippl E, Mangisengi O, Essmayr W, Lichtenberger F and Winiwarter W (2001) An authorization model for data warehouses and OLAP. In Proceedings of the Workshop on Security in Distributed Data Warehousing New Orleans, Louisiana, USA.
Acknowledgements
This research is part of the following projects: METASIGN (TIN2004-00779), and ESFINGE (TIN2006-15175-C05-05), projects from the Spanish Ministry of Education and Science; DIMENSIONS (PBC-05-012-1), DADS (PBC-05-012-2), and MISTICO (PBC06-0082) projects partiality supported by the FEDER and the ‘Consejería de Ciencia y Tecnología de la Junta de Comunidades de Castilla-La Mancha’, Spain.
Author information
Authors and Affiliations
Corresponding author
Additional information
Acronyms
ACA: Access Control and Audit
AR: Audit Rule
AUR: Authorization Rule
CWM: Common Warehouse Metamodel
DAG: Directed Acyclic Graph
DBMS: Database Management System
DW: Data Warehouse
EBNF: Extended Backus Naur Form
ETL: Extraction–Transformation–Loading
MAC: Mandatory Access Control
MD: Multidimensional
MDA: Model-Driven Architecture
MDDW: Model-Driven Data Warehouse
MDS: Model-Driven Security
MOF: Meta Object Facility
OCL: Object Constraint Language
OID: Object Identifier
OLAP: On-Line Analytical Processing
OLS: Oracle Label Security
OMG: Object Management Group
OSCL: Object Security Constraint Language
PIM: Platform Independent Model
PSM: Platform Specific Model
RBAC: Role Based Access Control
SIAR: Security Information Assignment Rule
UML: Unified Modeling Language
XMI: eXtensible Markup Interchange
XML: eXtensible Markup Language
Abbreviations used in the ACA grammar
ATT: Attribute
CID: Compartment Identification
CL: Class
COND: Condition
ID: User Identification
INVCLASSES: Involved Classes
LOGINFO: Log Information
RID: Role Identification
SC: Security Compartments
SECINF: Security Information
SL: Security Level
SL: Security Levels
SR: Security Roles
Rights and permissions
About this article
Cite this article
Fernández-Medina, E., Trujillo, J. & Piattini, M. Model-driven multidimensional modeling of secure data warehouses. Eur J Inf Syst 16, 374–389 (2007). https://doi.org/10.1057/palgrave.ejis.3000687
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1057/palgrave.ejis.3000687