Obtaining Secure Code in SQL Server Analysis Services by using MDA and QVT

Carlos Blanco, Ignacio García-Rodríguez de Guzmán, Eduardo Fernández-Medina, Mario Piattini

Abstract

Data Warehouses manage historical information for the decision making process that could be found out by unauthorized users when security constraints are not established. Therefore, it is very important for OLAP tools to consider the security rules defined at early stages of the development lifecycle. Following the MDA approach we have created an architecture for developing secure Data Warehouses and in this paper we complete this architecture obtaining secure multidimensional code in SQL Server Analysis Services from our secure multidimensional conceptual model (SECDW) by using QVT transformations. We focus on automatically obtain code for the security constraints defined at upper abstraction levels.

References

  1. Kimball, R.: The Data Warehouse Toolkit 2 Edition. John Wiley and Sons (2002)
  2. Devanbu, P., Stubblebine, S.: Software engineering for security: a roadmap. ACM Press. Future of Software Engineering (2000) 227-239
  3. Mouratidis, H., Giorgini, P.: An introduction. In: Integrating Security and Software Engineering: Advances and Future Visions. Idea Group Publishing (2006)
  4. Denker, G., Kagal, L., Finin, T.: Security in the semantic web using owl. Information Security Technical Report 10 (2005) 51-58
  5. Dhillon, G., Backhouse, J.: Information system security management in the new millennium. Communications of the ACM 43 (2000) 125-128
  6. MDA, O.M.G.: Model driven architecture guide. (2003)
  7. Czarnecki, K., Helsen, S.: Classification of model transformation approaches. (2003)
  8. QVT, O.M.G.: (Omg mof 2.0 query, views, transformations request for proposals)
  9. Fernández-Medina, E., Trujillo, J., Piattini, M.: Model driven multidimensional modeling of secure data warehouses. European Journal of Information Systems 16 (2007) 374-389
  10. Blanco, C., Fernández-Medina, E., Trujillo, J., Piattini, M.: Implementing multidimensional security into olap tools. In: Third International Workshop ”Dependability Aspects on Data WArehousing and Mining applications” (DAWAM 2008), Barcelona, Spain, IEEE Computer Society (2008) 1248-1253
  11. Soler, E., Stefanov, V., Mazó n, J.N., Trujillo, J., Fernández-Medina, E., Piattini, M.: Towards comprehensive requirement analysis for data warehouses: Considering security requirements. In: Proccedings of The Third International Conference on Availability, Reliability and Security (ARES), Barcelona, Spain, IEEE Computer Society (2008) 104-111
  12. Fernndez-Medina, E., Trujillo, J., Villarroel, R., Piattini, M.: Developing secure data warehouses with a uml extension. Information Systems 32 (2007) 826-856
  13. Fernández-Medina, E., Trujillo, J., Villarroel, R., Piattini, M.: Access control and audit model for the multidimensional modeling of data warehouses. Decision Support Systems 42 (2006) 1270-1289
  14. Soler, E., Villaroel, R., Trujillo, J., Fernndez-Medina, E., Piattini, M.: Representing security and audit rules for data warehouses at the logical level by using the common warehouse metamodel. In: 1st Int. Conference on Availability, Reliability and Security, Vienna, Austria (2006) 914-921
  15. Soler, E., Trujillo, J., Fernndez-Medina, E., Piattini, M.: A set of qvt relations to transform pim to psm in the design of secure data warehouses. In: IEEE International Symposium on Frontiers on Availability, Reliability and Security (FARES 2007), Viena, Austria (2007) 644-651
  16. Lujan-Mora, S., Trujillo, J., Song, I.Y.: A uml profile for multidimensional modeling in data warehouses. Data and Knowledge Engineering 59 (2006) 725-769
Download


Paper Citation


in Harvard Style

Blanco C., García-Rodríguez de Guzmán I., Fernández-Medina E. and Piattini M. (2008). Obtaining Secure Code in SQL Server Analysis Services by using MDA and QVT . In Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008) ISBN 978-989-8111-44-9, pages 38-48. DOI: 10.5220/0001745200380048


in Bibtex Style

@conference{wosis08,
author={Carlos Blanco and Ignacio García-Rodríguez de Guzmán and Eduardo Fernández-Medina and Mario Piattini},
title={Obtaining Secure Code in SQL Server Analysis Services by using MDA and QVT},
booktitle={Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008)},
year={2008},
pages={38-48},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001745200380048},
isbn={978-989-8111-44-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2008)
TI - Obtaining Secure Code in SQL Server Analysis Services by using MDA and QVT
SN - 978-989-8111-44-9
AU - Blanco C.
AU - García-Rodríguez de Guzmán I.
AU - Fernández-Medina E.
AU - Piattini M.
PY - 2008
SP - 38
EP - 48
DO - 10.5220/0001745200380048