Towards a UML 2.0/OCL extension for designing Secure Data Warehouses

Rodolfo Villarroel, Eduardo Fernández-Medina, Mario Piattini

Abstract

At present, it is very difficult to develop a methodology that fulfills all criteria and comprises all security constraints in terms of confidentiality, integrity and availability, to successfully design data warehouses. If that methodology was developed, its complexity would avoid its success. Therefore, the solution would be an approach in which techniques and models defined by the most accepted model standards (such as UML) were extended by integrating the necessary security aspects that, at present, are not covered by the existing methodologies. In this paper, we will focus on solving confidentiality problems in data warehouses conceptual modeling by defining a profile using the UML 2.0 extensibility mechanisms. In addition, we will define an OCL extension that allows us to specify the static and dynamic security constraints of the elements of data warehouses conceptual modeling, and we will show the benefit of our approach by applying this profile to an example.

References

  1. Abelló, A., Samos, J., Saltor, F.: YAM2 (Yet Another Multidimensional Model): An Extension of UML, in International Database Engineering & Applications Symposium (IDEAS 2002). 2002, IEEE Computer Society: Edmonton, Canada. p. 172-181.
  2. Chung, L., Nixon, B., Yu, E., Mylopoulos, J.: Non-functional requirements in software engineering. 2000, Boston/Dordrecht/London: Kluwer Academic Publishers.
  3. Conallen, J.: Building Web Applications with UML. Object Technology Series. 2000: Addison-Wesley.
  4. Devanbu, P., Stubblebine, S.: Software engineering for security: a roadmap, in The Future of Software Engineering, Finkelstein, A., Editor. 2000, ACM Press. p. 227-239.
  5. Dhillon, G. Backhouse, J.: Information system security management in the new millennium. Communications of the ACM, 2000. 43(7): p. 125-128.
  6. Ferrari, E. Thuraisingham, B.: Secure Database Systems, in Advanced Databases: Technology Design, Piattini, M. Díaz, O., Editors. 2000, Artech House: London.
  7. Fuentes-Fernández, L., Vallecillo-Moreno, A.: An Introduction to UML Profiles. UPGRADE, 2004. 2(2): p. 6-13.
  8. Golfarelli, M., Maio, D., Rizzi, S.: The Dimensional Fact Model: A Conceptual Model for Data Warehouses. International Journal of Cooperative Information Systems (IJCIS), 1998. 7(2-3): p. 215-247.
  9. Husemann, B., Lechtenborger, J., Vossen, G.: Conceptual Data Warehouse Design, in Proceedings of the 2nd. International Workshop on Design and Management of Data Warehouses (DMDW'2000). Stockholm, Sweden. p. 3-9.
  10. Inmon, H.: Building the Data Warehouse. Third Edition. 2002, USA: John Wiley & Sons.
  11. Katic, N., Quirchmayr, G., Schiefer, J., Stolba, M., Min Tjoa, A.: A Prototype Model for Data Warehouse Security Based on Metadata. in 9th International Workshop on Database and Expert Systems Applications (DEXA'98). Vienna, Austria.: IEEE Computer Society.
  12. Kirkgöze, R., Katic, N., Stolda, M., Min Tjoa, A.:A Security Concept for OLAP. in 8th International Workshop on Database and Expert System Applications (DEXA'97). 1997. Toulouse, France: IEEE Computer Society.
  13. Luján-Mora, S., Trujillo, J., Song, I.Y.:Extending the UML for Multidimensional Modeling. in 5th International Conference on the Unified Modeling Language (UML 2002). 2002. Dresden, Germany: Springer-Verlag. LNCS 2460.
  14. OMG. UML 2.0 Infraestructure Specification, OMG Document pct/03-09-5. 2003, http://www.uml.org
  15. Priebe, T. Pernul, G.: Towards OLAP Security Design - Survey and Research Issues. in 3rd ACM International Workshop on Data Warehousing and OLAP (DOLAP'00). 2000. Washington DC, USA.
  16. Rosenthal, A. Sciore, E.: View Security as the Basic for Data Warehouse Security. in 2nd International Workshop on Design and Management of Data Warehouse (DMDW'00). 2000. Sweden.
  17. Sapia, C., Blaschka, M., Höfling, G., Dinter, B.: Extending the E/R Model for the Multidimensional Paradigm. in 1st International Workshop on Data Warehouse and Data Mining (DWDM'98). 1998. Singapore: Springer-Verlag.
  18. Trujillo, J., Palomar, M., Gómez, J., Song, I.Y.: Designing Data Warehouses with OO Conceptual Models. IEEE Computer, 2001(34): p. 66-75.
  19. Tryfona, N., Busborg, F., Christiansen, J.: starER: A Conceptual Model for Data Warehouse Design. in ACM 2nd International Workshop on Data Warehousing and OLAP (DOLAP'99). 1999. Missouri, USA: ACM.
  20. Warmer, J. Kleppe, A.: The Object Constraint Language Second Edition. Getting Your Models Ready for MDA. 2003: Addison Wesley.
Download


Paper Citation


in Harvard Style

Villarroel R., Fernández-Medina E. and Piattini M. (2005). Towards a UML 2.0/OCL extension for designing Secure Data Warehouses . In Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005) ISBN 972-8865-25-2, pages 217-228. DOI: 10.5220/0002577302170228


in Bibtex Style

@conference{wosis05,
author={Rodolfo Villarroel and Eduardo Fernández-Medina and Mario Piattini},
title={Towards a UML 2.0/OCL extension for designing Secure Data Warehouses},
booktitle={Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)},
year={2005},
pages={217-228},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002577302170228},
isbn={972-8865-25-2},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005)
TI - Towards a UML 2.0/OCL extension for designing Secure Data Warehouses
SN - 972-8865-25-2
AU - Villarroel R.
AU - Fernández-Medina E.
AU - Piattini M.
PY - 2005
SP - 217
EP - 228
DO - 10.5220/0002577302170228