Towards the Secure Modelling of OLAP Users’ Behaviour

  • Carlos Blanco
  • Eduardo Fernández-Medina
  • Juan Trujillo
  • Jan Jurjens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6358)


Information Security is a crucial aspect for organizations, and must be considered during the development of Information Systems. The data in Data Warehouses (DWs) are highly sensitive since they manage historical information which is used to make strategic decisions, and security constraints should therefore be included in DW modelling within its structural aspects. However, another dynamic security component is also related to the sequences of OLAP (On-Line Analytical Processing) operations, and could be used to access (or infer) unauthorized information. This paper complements the modelling of DWs with state models, which permit the modelling of these dynamic situations in which sensitive information could be inferred. That is, it models queries that include security issues, and controls that their evolution through the application of OLAP operations always leads to authorized states. Finally, our proposal has been applied to a healthcare case study in which a DW manages admissions information with various security constraints.


Data Warehouses OLAP Users Behaviour Query Evolution State Models Security Inference Healthcare 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Inmon, H.: Building the Data Warehouse, 3rd edn. John Wiley & Sons, USA (2002)Google Scholar
  2. 2.
    Kimball, R.: The Data Warehouse Toolkit. John Wiley & Sons, Chichester (2002)Google Scholar
  3. 3.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-based modeling language for model-driven security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, p. 426. Springer, Heidelberg (2002)Google Scholar
  4. 4.
    Mouratidis, H., Giorgini, P.: Integrating Security and Software Engineering: Advances and Future Vision. Idea Group Publishing, USA (2006)Google Scholar
  5. 5.
    Fernández-Medina, E., et al.: Model-Driven Development for secure information systems. Information and Software Technology 51(5), 809–814 (2009)CrossRefGoogle Scholar
  6. 6.
    Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)zbMATHGoogle Scholar
  7. 7.
    Jurjens, J.: Principles for Secure Systems Design, PhD Thesis, Oxford University (2002)Google Scholar
  8. 8.
    Houmb, S.H., et al.: Cost-Benefit Trade-Off Analysis using BBN for Aspect-Oriented Risk-Driven Development. In: International Conference on Engineering of Complex Computer Systems (ICECCS), pp. 195–204. IEEE Computer Society, Shanghai (2005)CrossRefGoogle Scholar
  9. 9.
    Thuraisingham, B., Kantarcioglu, M., Iyer, S.: Extended RBAC-based design and implementation for a secure data warehouse. International Journal of Business Intelligence and Data Mining (IJBIDM) 2(4), 367–382 (2007)CrossRefGoogle Scholar
  10. 10.
    Priebe, T., Pernul, G.: A Pragmatic Approach to Conceptual Modeling of OLAP Security. In: Kunii, H.S., Jajodia, S., Sølvberg, A. (eds.) ER 2001. LNCS, vol. 2224, p. 311. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Fernández-Medina, E., Trujillo, J., Piattini, M.: Model Driven Multidimensional Modeling of Secure Data Warehouses. European Journal of Information Systems 16, 374–389 (2007)CrossRefGoogle Scholar
  12. 12.
    Saltor, F., et al.: Building Secure Data Warehouse Schemas from Federated Information Systems. In: Bestougeff, H., Dubois, J.E., Thuraisingham, B. (eds.) Heterogeneous Inf. Exchange and Organizational Hubs, pp. 123–134. Kluwer Academic Publisher, Dordrecht (2002)Google Scholar
  13. 13.
    Trujillo, J., et al.: A UML 2.0 Profile to define Security Requirements for DataWarehouses. Computer Standard and Interfaces 31(5), 969–983 (2009)CrossRefMathSciNetGoogle Scholar
  14. 14.
    Trujillo, J., et al.: An Engineering Process for Developing Secure Data Warehouses. Information and Software Technology 51(6) (2009)Google Scholar
  15. 15.
    Fernández-Medina, E., et al.: Access Control and Audit Model for the Multidimensional Modeling of Data Warehouses. Decision Support Systems 42, 1270–1289 (2006)CrossRefGoogle Scholar
  16. 16.
    Soler, E., et al.: Building a secure star schema in data warehouses by an extension of the relational package from CWM. Computer Standard and Interfaces 30(6), 341–350 (2008)CrossRefGoogle Scholar
  17. 17.
    Blanco, C., et al.: Applying QVT in order to implement Secure Data Warehouses in SQL Server Analysis Services. Journal of Research and Practice in Information Technology 41(2), 135–154 (2009)MathSciNetGoogle Scholar
  18. 18.
    Fernández-Medina, E., et al.: Developing Secure Data Warehouses with a UML extension. Information Systems 32(6), 826–856 (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Carlos Blanco
    • 1
  • Eduardo Fernández-Medina
    • 2
  • Juan Trujillo
    • 3
  • Jan Jurjens
    • 4
  1. 1.Dep. Of Mathematics, Statistical and Computation. Facultad de CienciasUniversity of CantabriaSantanderSpain
  2. 2.Dep. of Information Technologies and Systems. Escuela Superior de Informática., GSyA Research Group.University of Castilla-La Mancha.Ciudad RealSpain
  3. 3.Dep. of Information Languages and Systems. Facultad de Informática., LUCENTIA Research Group.University of AlicanteAlicanteSpain
  4. 4.Germany TU Dortmund & Fraunhofer ISST.Germany

Personalised recommendations