Securing Data Warehouses: A Semi-automatic Approach for Inference Prevention at the Design Level

  • Salah Triki
  • Hanene Ben-Abdallah
  • Nouria Harbi
  • Omar Boussaid
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6918)

Abstract

Data warehouses contain sensitive data that must be secured in two ways: by defining appropriate access rights to the users and by preventing potential data inferences. Inspired from development methods for information systems, the first way of securing a data warehouse has been treated in the literature during the early phases of the development cycle. However, despite the high risks of inferences, the second way is not sufficiently taken into account in the design phase; it is rather left to the administrator of the data warehouse. However, managing inferences during the exploitation phase may induce high maintenance costs and complex OLAP server administration. In this paper, we propose an approach that, starting from the conceptual model of the data sources, assists the designer of the data warehouse in indentifying multidimensional sensitive data and those that may be subject to inferences.

Keywords

Data warehouse Security Precise Inference Partial inference 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bhargava, B.K.: Security in data warehousing (Invited talk). In: Kambayashi, Y., Mohania, M., Tjoa, A.M. (eds.) DaWaK 2000. LNCS, vol. 1874, pp. 287–288. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Pernul, G., Priebe, T.: Towards olap security design - survey and research issues. In: 3rd ACM International Workshop on Data Warehousing and OLAP DOLAP 2000, Washington, DC, Novembre 10, pp. 114–121 (2000)Google Scholar
  3. 3.
    Soler, E., Stefanov, V., Mazón, J.-N., Trujillo, J., Fernández-Medina, E., Piattini, M.: Towards comprehensive requirement analysis for data warehouses: Considering security requirements. In: The Third International Conference on Availability, Reliability and Security ARES 2008, Barcelone, Espagne, pp. 104–111. IEEE Computer Society, Los Alamitos (2008)CrossRefGoogle Scholar
  4. 4.
    Soler, E., Villarroel, R., Trujillo, J., Fernández-Medina, E., Piattini, M.: Representing security and audit rules for data warehouses at the logical level by using the common warehouse metamodel. In: The First International Conference on Availability, Reliability and Security ARES 2006, Vienne, Autriche, pp. 914–921. IEEE Computer Society, Los Alamitos (2006)Google Scholar
  5. 5.
    Triki, S., Ben-Abdallah, H., Feki, J., Harbi, N.: Modeling Conflict of Interest in the design of secure data warehouses. In: The International Conference on Knowledge Engineering and Ontology Development 2010, Valencia, Espagne, pp. 445–448 (2010)Google Scholar
  6. 6.
    Carlos, B., Ignacio, G., Eduardo, F.-M., Juan, T., Mario, P.: Towards the Secure Modelling of OLAP Users’ Behaviour. In: The 7th VLDB Conference on Secure Data Management, Singapore, September 17, pp. 101–112. Springer, Heidelberg (2010)Google Scholar
  7. 7.
    Steger, J., Günzel, H.: Identifying Security Holes in OLAP Applications. In: Proc. Fourteenth Annual IFIP WG 11.3 Working Conference on Database Security, Schoorl (near Amsterdam), The Netherlands, August 21-23 (2000)Google Scholar
  8. 8.
    Icon Group Ltd. GFK AG: International Competitive Benchmarks and Financial Gap Analysis (Financial Performance Series). Icon Group International (2000)Google Scholar
  9. 9.
    Villarroel, R., Fernández-Medina, E., Piattini, M., Trujillo, J.: A uml 2.0/ocl extension for designing secure data warehouses. Journal of Research and Practice in Information Technology 38(1), 31–43 (2006)Google Scholar
  10. 10.
    Haibing, L., Yingjiu, L.: Practical Inference Control for Data Cubes. IEEE Transactions on Dependable and Secure Computing 5(2), 87–98 (2008)CrossRefGoogle Scholar
  11. 11.
    Cuzzocrea, A.: Privacy Preserving OLAP and OLAP Security. In: Encyclopedia of Data Warehousing and Mining, pp. 1575–1158 (2009)Google Scholar
  12. 12.
    Zhang, N., Zhao, W.: Privacy-Preserving OLAP: An Information-Theoretic Approach. IEEE Transactions on Knowledge and Data Engineering 23(1), 122–138 (2011)CrossRefGoogle Scholar
  13. 13.
    Terzi, E., Zhong, Y., Bhargava, B.K., Pankaj, Madria, S.K.: An Algorithm for Building User-Role Profiles in a Trust Environment. In: Kambayashi, Y., Winiwarter, W., Arikawa, M. (eds.) DaWaK 2002. LNCS, vol. 2454, pp. 104–113. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    Bhargava, B.K., Zhong, Y., Lu, Y.: Fraud Formalization and Detection. In: Kambayashi, Y., Mohania, M., Wöß, W. (eds.) DaWaK 2003. LNCS, vol. 2737, pp. 330–339. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  15. 15.
    Golfarelli, M., Rizzi, S.: A Methodological Framework for Data Warehouse Design. In: ACM First International Workshop on Data Warehousing and OLAP DOLAP, Bethesda, Maryland, USA, pp. 3–9 (Novembre 1998)Google Scholar
  16. 16.
    Feki, J., Nabli, A., Ben-Abdallah, H., Gargouri, F.: An Automatic Data Warehouse Conceptual Design Approach. In: Wang, J. (ed.) Encyclopedia of Data Warehousing and Mining, 2nd edn. (2008)Google Scholar
  17. 17.
    Lujan-Mora, S., Trujillo, J.A.: Comprehensive Method for Data Warehouse Design Fifth International Workshop on Design and Management of Data Warehouses, DMDW 2003, Berlin, Allemagne (Septembre 2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Salah Triki
    • 1
  • Hanene Ben-Abdallah
    • 1
  • Nouria Harbi
    • 2
  • Omar Boussaid
    • 2
  1. 1.Laboratoire Mir@cl, Département d’InformatiqueFaculté des Sciences Economiques et de Gestion de Sfax, TunisieSfaxTunisia
  2. 2.Laboratoire ERICUniversité Lyon 2Bron, CedexFrance

Personalised recommendations