Access control and audit model for the multidimensional modeling of data warehouses

Eduardo Fernández-Medina, Juan Trujillo, Rodolfo Villarroel, Mario Piattini

Research output: Contribution to journalArticlepeer-review

58 Scopus citations


Due to the sensitive data contained in Data Warehouses (DW), it is essential to specify security measures from the early stages of the DW design and enforce them. Traditional access control models for transactional (relational) databases, based on tables, columns and rows, are not appropriate for DWs. Instead, security and audit rules defined for DWs must be specified based on the multidimensional (MD) modeling used to design data warehouses. Current approaches for the conceptual modeling of DWs do not allow us to specify security and confidentiality constraints in the conceptual modeling phase. In this paper, we propose an Access Control and Audit (ACA) model for DWs by specifying security rules in the conceptual MD modeling. Thus, we define authorization rules for users and objects and we assign sensitive information rules and authorization rules to the main elements of a MD model (e.g., facts or dimensions). Moreover, we also specify certain audit rules allowing us to analyze user behaviors. To be able to include and use our ACA model in the conceptual MD modeling, we extend the Unified Modeling Language (UML) with our ACA model, thereby allowing us to design secure MD models. Finally, to show the benefit of our approach, we apply our approach to a health care case study.

Original languageEnglish
Pages (from-to)1270-1289
Number of pages20
JournalDecision Support Systems
Issue number3
StatePublished - Dec 2006
Externally publishedYes


  • Access control
  • Audit
  • Data warehouses
  • Secure multidimensional modeling
  • UML


Dive into the research topics of 'Access control and audit model for the multidimensional modeling of data warehouses'. Together they form a unique fingerprint.

Cite this