Organizations depend increasingly on information systems, which rely upon databases and data warehouses (DWs), which need increasingly more quality and security. Generally, we have to deal with sensitive information such as the diagnosis made on a patient or even personal beliefs or other sensitive data. Therefore, a final DW solution should consider the final users that can have access to certain specific information. Unfortunately, methodologies that incorporate security are based on an operational environment and not on an analytical one. Therefore, they do not include security into the multidimensional approaches to work with DWs. In this chapter, we present a comparison of six secure-systems design methodologies. Next, an extension of the UML that allows us to specify main security aspects in the multidimensional conceptual modeling is proposed, thereby allowing us to design secure DWs. Finally, we present how the conceptual model can be implemented with Oracle Label Security (OLS10g).
|Title of host publication||Enterprise Information Systems Assurance and System Security|
|Subtitle of host publication||Managerial and Technical Issues|
|Number of pages||16|
|State||Published - 1 Dec 2006|