Security Measures for Web ETL Processes

Dammak, Salma; Jedidi, Faiza Ghozzi; Gargouri, Faiez

doi:10.1007/978-3-319-23467-0_2

Salma Dammak³,
Faiza Ghozzi Jedidi³ &
Faiez Gargouri³

Part of the book series: Studies in Computational Intelligence ((SCI,volume 614))

532 Accesses
1 Citations

Abstract

Security aspects currently play a vital role in software systems. As security managers have to operate within limited budgets they also have to patch up the increasing number of software security vulnerabilities. They need to perform a risk evaluation in order to determine the priority of patching-up vulnerabilities. The use of quantitative security assessment methods enables efficient prioritization of security efforts and investments to mitigate the discovered vulnerabilities and thus an opportunity to lower expected losses. Elsewhere, Extraction Transformation Load (ETL) processes, known as a core, development of WeBhouse. Securing these processes is highly important and helps in mitigating security defects in decisional system. For this purposes, this paper adopts the Common Vulnerability Scoring System (CVSS) and proposes a Meta model for security measure in Web ETL processes enabling security manager to asset anticipated vulnerabilities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 129.00; Price excludes VAT (USA)

Softcover Book: USD 169.99; Price excludes VAT (USA)

Hardcover Book: USD 169.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

OMG, O.M.: Omg unified modeling language (omg uml), superstructure, v2.1.2 (2007)
Google Scholar
Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system version 2.0, NIST and Carnegie Mellon University, 1st edn, June 2007
Google Scholar
Mehedintu, A., Bulgiu, I., Pirvy, C.: Web-enabled Data Warehouse and Data Webhouse
Google Scholar
Hernndez, P., Garrigs, J.: Model-driven development of multidimensional models from web log files, ER?10 Proceedings of the international conference on Advances in conceptual modeling: applications and challenges, pp. 170–179 (2010)
Google Scholar
Liu, J., Hu Chaou, J., YuanHeJin: Application of Web Services on The Real-time Data Warehouse Technology (2010)
Google Scholar
Kimball, R., Merz, R.: Le DATA WEBHOUSE:Analyser les comportements client sur le Web, Eyrolles Edition, 2000
Google Scholar
Muralini, M., Kumar, T.V.S., Kanth, K.R: Simulating Secure Data Extraction in Extraction Transformation Loading (ETL) Processes, In Third UKSim European Symposium on Computer Modeling and Simulation, pp. 142–147 (2009)
Google Scholar
Muralini, M., Kumar, T.V.S, Kanth, K.R.: Simulating: Secure ETL Process Model: An Assessment of Security in Different Phases of ETL, In Software Engineering Competence Center (2013)
Google Scholar
Kiran, P., Sathish Kumar, S., Kavya, NP.: Modelling Extraction Transformation Load embedding Privacy Preservation using UML, Int. j. comput. Appl. (2012)
Google Scholar
National Institute of Standards and Technology Special Publication 800–30, Risk Management Guide for Information Technology Systems, June 2001
Google Scholar
National Institute of Standards and Technology Special Publication 800–53, Recommended Security Controls for Federal Information Systems, December 2007
Google Scholar
National Institute of Standards and Technology Special Publication 800–55, Performance Measurement Guide for Information Security, July 2008
Google Scholar
Cheng, P., Wang,L., Jajodia, S., Singhal, A.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, In SRDS, 2012, pp. 31–40
Google Scholar
Pengsu, C., Lingyu, W., Anoop, J.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, pp. 31–40. IEEE, SRDS (2012)
Google Scholar
Siv, H. Virginia, H., Franqueira, N.L., Erlend A. Engum.: Quantifying security risk level from CVSS estimates of frequency and impact, J. sys. softw. 83 (9), ISSN 0164-1212, pp. 1622–1634 (2010)
Google Scholar
Mallek, H., Walha, A., Faiza, G.J., Gargouri, Faiez: ETL-Web process modeling, 8me edition de la confrence sur les Avancs des Systmes Dcisionnels, Hamamet Tunisia (2014)
Google Scholar
Bellovin, S.: On the Brittleness of Software and the Infeasibility of Security Metrics, IEEE Security and Privacy (2006)
Google Scholar
Thompson Lord Kelvin, W.: Electrical Units of Measurement,? Lecture at the Institution of Civil Engineers, London, 3 May 1883, Popular Lectures and Addresses, vol. 1, pp. 73–136 (1889)
Google Scholar

Download references

Author information

Authors and Affiliations

MIRACL-ISIMS Pole technologique de SFAX BP 242-3021, Sakiet Ezzit Sfax, Sfax, Tunisia
Salma Dammak, Faiza Ghozzi Jedidi & Faiez Gargouri

Authors

Salma Dammak
View author publications
You can also search for this author in PubMed Google Scholar
Faiza Ghozzi Jedidi
View author publications
You can also search for this author in PubMed Google Scholar
Faiez Gargouri
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Salma Dammak .

Editor information

Editors and Affiliations

Software Engineering and Information Institute, Central Michigan University, Mount Pleasant, Michigan, USA
Roger Lee

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Dammak, S., Jedidi, F.G., Gargouri, F. (2016). Security Measures for Web ETL Processes. In: Lee, R. (eds) Computer and Information Science 2015. Studies in Computational Intelligence, vol 614. Springer, Cham. https://doi.org/10.1007/978-3-319-23467-0_2

Download citation

DOI: https://doi.org/10.1007/978-3-319-23467-0_2
Published: 17 October 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23466-3
Online ISBN: 978-3-319-23467-0
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics