User Profile Management to protect sensitive data in Warehouses
##plugins.themes.academic_pro.article.main##
Abstract
A data warehouse presents a rich source of information on the activities of the company and the privacy of individuals. So this source can be used as a very powerful mechanism for discovering the crucial information of company.. Hence the importance of implementing security measures which guarantee the data confidentiality by establishing an access control policy. In this direction, several propositions were made, but none are considered as a standard for access management to data warehouses. In this article, we will present our approach that allows first to exploit the permissions defined in the data sources in order to help the administrator to define access permissions to the data warehouse, and then our system will automatically generate the sensitivity level of each data warehouse element according to the permissions granted to an object in the data warehouse. This makes it possible to specify sensitive data in order to protect them against illegal access and to detect inferences.
##plugins.themes.academic_pro.article.details##
How to Cite
Amina EL OUAZZANI, Nouria Harbi, & Hassan Badir. (2018). User Profile Management to protect sensitive data in Warehouses. International Journal of Next-Generation Computing, 9(1), 12–32. https://doi.org/10.47164/ijngc.v9i1.136
References
- A.ROSENTHAL and SCIORE, S. 2000. View security as the basis for data warehouse security.
- BLANCO, C., GUZMN, I. G. R. D., FERNNDEZ-MEDINA, E., and TRUJILLO,J. 2015. An architecture for automatically developing secure olap applications from models. Information and Software Technology 59, 1{16.
- C.BLANCO, FERNANDEZ-MEDINA, E., TRUJILLO, J., and JURJENS, J. 2010. Towards the secure modelling of olap users behaviour.
- DEVBANDU, P. and STUBBLEBINE, S. 2000. Software engineering for security: a roadmap. Finkelstein, A. (ed.) The Future of Software Engineering, CM Press, New York, pp.227{239.
- EAVIS, T. and ALTHAMIMI, A. 2012. Olap authentication and autho-rization via queryre-writing. The Fourth International Conference on Advances in Databases, Knowledge, and Data Applications, 130{139.
- E.FERNANDEZ-MEDINA, TRUJILLO, J., VILLARROEL, R., and PIATTINI, M. 2006. Access control and audit model for the multidimensional modeling of dws. Decision Support Systems 12701289.
- FERNNDEZ-MEDINA, E., TRUJILLO, J., VILLARROEL, R., and PIATTINI, M. 2007. Developing secure data warehouses with a uml extension. Information Systems 32(6), 826{856.
- INMON. 1991. Building the data warehouse.
- J.TRUJILLO, E.SOLER, E.FERNNDEZ-MEDINA, and M.PIATTINI. 2009. A uml 2.0 prole to dene security requirements for data warehouses. Computer Standards and Interfaces 31(5), 969-983.
- KHAJARIA, K. and KUMAR, M. 2011. Evaluation of approaches for modeling of security in data warehouses. Advances in Computing and Communications Springer Berlin Heidelberg 26, pp. 9{18.
- LANDWEHR, C. 2001. Computer security. Inter Journal of Information Security 13.
- L.SWEENEY. 2002. k-anonymity: A model for protecting privacy. Advances in Computing and Communications Springer Berlin Heidelberg 25.
- Ouazzani, A., Rhazlane, S., N.Harbi, and H.Badir. 2016. Dynamic management of data warehouse security levels based on user proiles. Information Science and Technology (CiSt),4th IEEE International Colloquium, 59{64.
- PRIEBE, T. and PERNUL, G. 2000. Towards olap security design survey and research issues. Proceedings of the 3rd ACM International Workshop on Data Warehousing and OLAP 3340.
- PRIEBE, T. and PERNUL, G. 2001. A pragmatic approach to concep-tual modeling of olap security. Proceedings of the 20th Interna-tional Conference on Conceptual Modeling (ER01) 2224, 311{324.
- International Journal of Next-Generation Computing, Vol. 6, No. 3, November 2015. 225
- R.KIRKGOZE, KATIC, N., STOLBA, M., and TJOA, A. 1997. A security concept for olap. A security concept for olap. Proceedings of the 8th International Workshop on Database and Expert System Applications, 619{626.
- R.MOUSSA and BADIR, H. 2013. Data warehouse systems in the cloud: rise to the benchmarking challenge. Journal International of Computers and Their Applications 245.
- RODRIGUEZ, A., FERNANDEZ-MEDINA, E., TRUJILLO, J., and PIATTINI, M. 2011a. Secure business process model specication through a uml 2.0 activity diagram proile. 24.
- RODRIGUEZ, A., FERNANDEZ-MEDINA, E., TRUJILLO, J., and PIATTINI, M. 2011b. Secure business process model specication through a uml 2.0 activity diagram proile.
- ROSENTHAL, A. and SCIORE, S. 2000. View security as the basis for data warehouse securitye. DMDW.
- R.VILLARROEL, FERNANDEZ-MEDINA, E., and PIATTINI, M. 2006. A uml 2.0/ocl extension for designing secure data warehouses. Journal of Research and Practice in Information Technology 23, 31{43.
- SALTOR, F., OLIVA, M., ABELLO, A., and SAMOS, J. 2002. Building se-cure data warehouse schemas from federated information systems.
- SOLER, E., STEFANOV, V., and MAZON, N. 2008. Towards comprehensive requirement analysis for data warehouses. Considering Security Requirements IEEE, Los Alamitos, 104{111.
- S.TRIKI, BEN-ABDALLAH, H., BOUSSAID, O., and HARBI, N. 2013. Scurisation des entrepts de donnes: de la conception lexploitation. Rapport de thse.