Abstract
Security aspects currently play a vital role in software systems. As security managers have to operate within limited budgets they also have to patch up the increasing number of software security vulnerabilities. They need to perform a risk evaluation in order to determine the priority of patching-up vulnerabilities. The use of quantitative security assessment methods enables efficient prioritization of security efforts and investments to mitigate the discovered vulnerabilities and thus an opportunity to lower expected losses. Elsewhere, Extraction Transformation Load (ETL) processes, known as a core, development of WeBhouse. Securing these processes is highly important and helps in mitigating security defects in decisional system. For this purposes, this paper adopts the Common Vulnerability Scoring System (CVSS) and proposes a Meta model for security measure in Web ETL processes enabling security manager to asset anticipated vulnerabilities.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
OMG, O.M.: Omg unified modeling language (omg uml), superstructure, v2.1.2 (2007)
Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system version 2.0, NIST and Carnegie Mellon University, 1st edn, June 2007
Mehedintu, A., Bulgiu, I., Pirvy, C.: Web-enabled Data Warehouse and Data Webhouse
Hernndez, P., Garrigs, J.: Model-driven development of multidimensional models from web log files, ER?10 Proceedings of the international conference on Advances in conceptual modeling: applications and challenges, pp. 170–179 (2010)
Liu, J., Hu Chaou, J., YuanHeJin: Application of Web Services on The Real-time Data Warehouse Technology (2010)
Kimball, R., Merz, R.: Le DATA WEBHOUSE:Analyser les comportements client sur le Web, Eyrolles Edition, 2000
Muralini, M., Kumar, T.V.S., Kanth, K.R: Simulating Secure Data Extraction in Extraction Transformation Loading (ETL) Processes, In Third UKSim European Symposium on Computer Modeling and Simulation, pp. 142–147 (2009)
Muralini, M., Kumar, T.V.S, Kanth, K.R.: Simulating: Secure ETL Process Model: An Assessment of Security in Different Phases of ETL, In Software Engineering Competence Center (2013)
Kiran, P., Sathish Kumar, S., Kavya, NP.: Modelling Extraction Transformation Load embedding Privacy Preservation using UML, Int. j. comput. Appl. (2012)
National Institute of Standards and Technology Special Publication 800–30, Risk Management Guide for Information Technology Systems, June 2001
National Institute of Standards and Technology Special Publication 800–53, Recommended Security Controls for Federal Information Systems, December 2007
National Institute of Standards and Technology Special Publication 800–55, Performance Measurement Guide for Information Security, July 2008
Cheng, P., Wang,L., Jajodia, S., Singhal, A.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, In SRDS, 2012, pp. 31–40
Pengsu, C., Lingyu, W., Anoop, J.: Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics, pp. 31–40. IEEE, SRDS (2012)
Siv, H. Virginia, H., Franqueira, N.L., Erlend A. Engum.: Quantifying security risk level from CVSS estimates of frequency and impact, J. sys. softw. 83 (9), ISSN 0164-1212, pp. 1622–1634 (2010)
Mallek, H., Walha, A., Faiza, G.J., Gargouri, Faiez: ETL-Web process modeling, 8me edition de la confrence sur les Avancs des Systmes Dcisionnels, Hamamet Tunisia (2014)
Bellovin, S.: On the Brittleness of Software and the Infeasibility of Security Metrics, IEEE Security and Privacy (2006)
Thompson Lord Kelvin, W.: Electrical Units of Measurement,? Lecture at the Institution of Civil Engineers, London, 3 May 1883, Popular Lectures and Addresses, vol. 1, pp. 73–136 (1889)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Dammak, S., Jedidi, F.G., Gargouri, F. (2016). Security Measures for Web ETL Processes. In: Lee, R. (eds) Computer and Information Science 2015. Studies in Computational Intelligence, vol 614. Springer, Cham. https://doi.org/10.1007/978-3-319-23467-0_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-23467-0_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23466-3
Online ISBN: 978-3-319-23467-0
eBook Packages: EngineeringEngineering (R0)